2 min read
How phishing works
A phishing email imitates a trusted sender — a bank, supplier or colleague — and pushes you to click a link, enter a password or approve a payment. It often uses urgency and a convincing logo. One click can compromise an account.
Protecting the business
Turn on multi-factor authentication everywhere, train staff to check sender addresses and hover over links, and verify money or credential requests on a known channel. Pair this with the payment controls in reducing payment fraud.
What it means for you
Credicorp lends to your company, not to you personally, and takes no personal guarantee. See business loans or apply online.
Frequently asked questions
How do I spot a phishing email?
Check the real sender address, hover over links before clicking, and be wary of urgency and requests for credentials or payment. When in doubt, verify on a known channel.
What is the single best defence?
Multi-factor authentication on every account, so a stolen password alone is not enough, backed by staff awareness.
Related reading

How do I reduce payment fraud in my business?
Dual authorisation, call-back verification of new payees, and clear limits on who can move money block most…
Read →
What is CEO fraud or business email compromise?
CEO fraud (business email compromise) is when a scammer impersonates a director to pressure staff into an…
Read →
Do I need cyber security in place to get a business loan?
A lender does not usually require formal cyber-security certification to lend, but poor controls that cause…
Read →
How do I protect my business from a bad debt?
Reduce bad-debt risk by checking customers before extending credit, setting firm terms, chasing early, and…
Read →Funding for UK limited companies
Credicorp lends to your company, not to you personally — short-term working capital with no personal guarantee. See what your business could access.