CACTUS IT

News

How to spot a Phishing email – With examples from UK businesses

by

how to spot a phishing email

Phishing emails are one of the biggest threats to UK businesses — and they’re getting harder to spot. As an IT support company in Yorkshire, we see examples every week from local businesses who almost fall victim.

The good news? With a few quick checks, you can spot most phishing attempts before they do any damage.

An example from a local business

One of our customers, a small manufacturing company in West Yorkshire, recently received an email that looked like it came from their bank. The logo was spot-on, the sender’s name matched their bank manager, and the message warned of “urgent account verification” to prevent suspension.

The giveaway? When the recipient hovered over the “Verify Now” link, it pointed to a completely unrelated website — a random domain ending in .xyz, not the bank’s own domain. We stopped it in time, but it’s a perfect reminder:

Always hover over links before clicking. If the web address looks odd or doesn’t match the organisation’s real site, it’s likely a scam.

Key signs of a Phishing email

  1. Check the sender’s address, not just the name
    Scammers can fake the display name (“NatWest Bank”), but the actual email might come from natwest-support@randomdomain.com. If the domain after the @ doesn’t match the real company, be suspicious.
  2. Poor spelling, grammar, or formatting
    Many phishing emails still contain typos or awkward phrasing. For example, we’ve seen “Your account will be suspended” — not something a professional UK business would send.
  3. Unexpected attachments
    If you weren’t expecting a file from someone, don’t open it — especially if it’s a Word document, Excel sheet, or zip file. These can hide malicious software.
  4. Urgency or threats
    Phrases like “Act now or your account will be closed” are designed to make you panic. Take a breath, and verify through official channels before clicking anything.
  5. Generic greetings
    Legitimate companies you work with usually use your name. “Dear customer” or “Dear user” should raise suspicion.

What you should do if you’re not sure

  • Don’t click links or open attachments until you’ve verified the sender.
  • Call the organisation directly using a trusted number (not the one in the email).
  • Report the email to your IT team or forward it to report@phishing.gov.uk (run by the National Cyber Security Centre).
  • For Cactus IT support customers please contact us at the helpdesk on 01943666711 or by email on support@cactus-it.co.uk and we will check the email for you

Why it matters for local businesses

We’ve seen phishing emails that successfully trick staff into giving away passwords, bank details, or making fraudulent payments. For businesses in Yorkshire, even a single incident can cause financial loss, downtime, and damage to reputation.

Training your team to spot these red flags is one of the cheapest and most effective cyber defences you can have.

Final tip: Phishing emails rely on you acting quickly without thinking. Slow down, check carefully, and when in doubt — don’t click.

For further advice and information on IT support for your business, please contact us on 01943666711 or by email on info@cactus-it.co.uk

Cyber Security Policies: What Every UK Business Should Include

by

If you’re a business owner in the UK, chances are you’ve already faced some form of cyber threat — from phishing emails to staff clicking suspicious links. But the truth is, most cyber incidents can be prevented with a simple first step: a written IT security policy.

This isn’t just a tick-box exercise. A clear policy helps protect your staff, your data, and your reputation — and is a key requirement of the UK Government’s Cyber Essentials scheme (Cactus IT are certified- click here to see why).

Even if you don’t have an in-house IT team, having a basic, business-wide policy creates structure, accountability, and peace of mind — especially as your team grows.

Why is an IT Security Policy Essential for Your Business?

Cyber threats aren’t just a problem for large corporations — small and medium-sized businesses (SMEs) are now among the most frequently targeted by cyber criminals. Why? Because they often have fewer defences in place, and attackers know it.

A written IT security policy is your first line of defence. It turns vague expectations into clear, enforceable rules — and ensures everyone in the business understands their role in protecting company data.

Here’s why every business, no matter the size, should have one:

✅ 1. It Sets Clear Expectations for Staff

Most cyber breaches start with human error — a weak password, a dodgy email link, or someone using personal devices for work. A security policy tells your team:

  • What’s acceptable and what’s not
  • How to handle company devices and data
  • How to respond to suspicious activity

It gives people the confidence to act responsibly, and the guidance they need to avoid costly mistakes.

✅ 2. It Helps You Respond to Incidents Quickly

If something goes wrong — a lost laptop, a phishing attack, or a data breach — a security policy ensures everyone knows what to do:

  • Who to report it to
  • What the first steps are
  • How to limit the damage

Without a policy, you’re left scrambling in a crisis. With one, you’ve got a plan.

✅ 3. It Supports Compliance and Certifications

UK businesses are increasingly expected to demonstrate good cyber hygiene — by insurers, regulators, and customers. An IT policy:

  • Helps meet GDPR and Cyber Essentials requirements
  • Shows that you take data protection seriously
  • Can even reduce cyber insurance premiums

If you plan to bid for government contracts or work with larger organisations, this is especially important.

✅ 4. It Builds Trust with Customers

Your customers want to know their information is safe. When you show them you have clear, documented policies in place, it builds confidence and trust. It shows you’re proactive — not reactive — about cyber security.

✅ 5. It Grows With Your Business

A good IT policy isn’t just for now — it evolves as your team, tools, and risks grow. Whether you’re a 5-person team or 250 strong, it’s the foundation of a security-first culture.

Need Help with Cyber Security?

At Cactus IT, we help small and medium-sized businesses across the UK build real-world, Cyber Security defences contact us today to book a free review.

Complete the form below to download a free sample Cyber Security template

Before publishing your Cyber Security template, please be sure to carry out your own legal and compliance checks on the document.

Backups and Ransomware: Why Your Business Needs More Than Just OneDrive

by

Ransomware and why OneDrive is not a backup solution

UK businesses are increasingly being targeted by cyber criminals — and ransomware is one of the most devastating threats. But while many businesses assume services like OneDrive or Google Drive keep them protected, that’s not the full story.

In this blog, we’ll explain why OneDrive is not a backup solution, what true backup protection looks like, and how you can safeguard your business from downtime, data loss, and costly recovery.

💣 What is Ransomware?

Ransomware is a type of malware that encrypts your files, then demands a ransom to unlock them. Victims often face:

  • Complete loss of access to business-critical data
  • Downtime while systems are restored
  • Potential loss of customer trust
  • In some cases, fines for breaching data protection laws

According to the UK’s NCSC, ransomware is one of the most significant cyber threats facing small and medium-sized businesses.

☁️ Why OneDrive is Not a Backup Solution

OneDrive (and similar cloud storage services like Dropbox or Google Drive) is great for:

  • File syncing across devices
  • Collaboration and sharing
  • Version history (to a limited degree)

But here’s why it doesn’t count as a true backup:

1. It syncs, not backs up

If ransomware hits your PC, those encrypted files will sync to OneDrive too — meaning your cloud version becomes encrypted as well.

2. Limited version history

OneDrive does have a version history feature, but:

  • It only retains a limited number of versions
  • It may not work for all file types
  • It doesn’t always include deleted files
  • It’s not guaranteed for recovery from large-scale data loss

3. No offline or immutable copy

Backups should be offline, separate, and secure — ideally with versions that ransomware can’t touch. OneDrive is always connected, and that makes it vulnerable.

🔁 What Does a Proper Backup Strategy Look Like?

A real business backup plan includes:

✅ Automated, regular backups: Data should be backed up daily (or more often), without relying on staff to do it manually.

✅ Separate storage locations: At least one copy of your backup should be stored offsite or in a separate cloud environment that’s not automatically synced.

✅ Version history & retention: Good backup systems let you roll back to a specific point in time — useful if ransomware has been active for days before detection.

✅ Immutable backups: Some solutions offer “immutable” storage, meaning once the backup is written, it can’t be altered — even by ransomware.

✅ Regular testing: A backup is only good if it can be restored. We help our clients regularly test their backups to make sure everything works when it matters most.

🧩 What You Can Do Now

If you’re relying solely on OneDrive, Dropbox or similar, it’s time to rethink your approach. Here’s what we recommend:

  1. Use OneDrive for collaboration, not backup
    • It’s a great tool — but it’s not designed for full disaster recovery.
  2. Implement a proper cloud backup solution
    • We help customers set up secure, automated, and tested backups that comply with UK data protection laws.
  3. Make ransomware part of your business risk plan
    • Prevention is key — but recovery is your safety net.

🟢 Our Advice for Businesses

At Cactus IT, we work with local businesses to build resilient, affordable backup plans tailored to their business needs — whether you’re a legal firm, manufacturer, or service provider.

Let’s have a chat about your current setup — we’ll tell you honestly if there are risks and how to fix them.

Want help getting your business protected against ransomware?

📞 Get in touch with our friendly team today and arrange a free review.

Safeguard Your Business: Why a Password Manager is Your Best Defence

by

For businesses across Yorkshire and the UK, cyber security is a growing concern. Reports indicate a significant rise in cyber attacks targeting SMEs, with phishing being the most common method. If your business doesn’t have a dedicated IT security expert, implementing robust, yet simple, security measures is crucial.

A password manager like Keeper can be your frontline defence, bolstering both your cybersecurity and operational efficiency.

Elevate Your Cybersecurity Posture

Password managers help your business combat cyber threats and we have thoroughly tested and compared the current offerings. Our team agree, Keeper comes out best and this is why:

  • Enforcing Strong, Unique Passwords: Weak or reused employee passwords are a major risk. Keeper generates complex, unique passwords for every account, enforcing strong security policies like minimum length and complexity, and identifying weak or reused credentials that need changing. This is critical as AI tools can now crack weak passwords. We like the passphrase generator that’s included, giving you the option for passwords or passphrases.
  • Enabling Multi-Factor Authentication (MFA) and Passkeys: Keeper simplifies the use of MFA, adding an essential layer of security that can prevent unauthorised access even if a password is compromised. It can store Time-based One-Time Password (TOTP) codes. Furthermore, Keeper supports passkeys, a phishing-resistant, passwordless authentication method that simplifies logins while boosting security.
  • Providing Secure, Encrypted Storage: Forget insecure sticky notes or spreadsheets. Keeper offers secure, encrypted storage for login credentials and sensitive data. It uses a zero-trust and zero-knowledge security architecture with full end-to-end encryption, ensuring only authorised users can access and decrypt their data.
  • Securely Managing Access & Sharing: Define user access needs and organise employees into role-based groups, ensuring only appropriate personnel have access to specific passwords. Keeper also facilitates secure, encrypted sharing of passwords and files among team members, including time-limited sharing with non-users.
  • Mitigating Risks from Employee Departures: Keeper streamlines the critical process of removing a departing employee’s access to all company systems and swiftly changing passwords, preventing data compromise.
  • Dark Web Monitoring: Some Keeper plans include dark web monitoring (like BreachWatch), alerting you if your credentials appear online, enabling prompt action.
  • Combatting Phishing Attacks: Keeper’s autofill feature helps employees avoid manually entering credentials on fake websites, significantly reducing susceptibility to phishing scams, which are a very common attack type.

Boost Your Operational Efficiency

Beyond security, Keeper enhances daily operations:

  • Streamlined Onboarding & Offboarding: New hires get immediate, secure access to necessary login credentials based on their role, eliminating delays. Similarly, offboarding becomes quick and secure.
  • Increased Employee Productivity: Employees only need to remember one master password to access their secure vault, saving valuable time spent on remembering or resetting forgotten credentials. KeeperFill automatically logs users into websites and apps across devices and browsers, boosting productivity.
  • Centralised Organisation and Control: Keeper organises all team passwords with unlimited records and groups. The Admin Console offers powerful visibility and control, allowing quick user setup, disabling, removal, team creation, and policy enforcement.
  • Long-Term Cost Savings: Investing in Keeper can prevent costly cyber attacks, data breaches, and business interruptions, ultimately saving your business significant money.

Don’t wait for an attack to strike. Strengthen your businesses digital defence and streamline operations. Start your free 14-day trial of Keeper Enterprise today to protect your company’s data and enhance productivity.

Protecting Your Microsoft 365 account: Why Multi-Factor Authentication is Essential

by

As an IT support company in Yorkshire, we understand the constant struggle businesses face in safeguarding their digital assets against evolving cyber threats. You’re likely managing crucial data and communications within your Microsoft 365 accounts, making them prime targets for cybercriminals.

With cyberattacks becoming more sophisticated and frequent, relying solely on a password is no longer enough to secure your valuable information. Adversaries are constantly seeking new ways to compromise accounts, even those protected by basic security measures, which is why robust defence is more critical than ever.

The most effective solution to significantly enhance your Microsoft 365 security is to implement Multi-Factor Authentication (MFA). MFA, or Two-Factor Authentication (2FA), adds an essential extra layer of security by requiring you to provide at least two different methods of verification to access your account. This means that even if a cybercriminal manages to obtain your password, they would still need a second factor, like a code sent to your phone or a verification from an authenticator app, to gain access. Microsoft data shows that MFA can prevent 99.9% of account compromise attacks, dramatically reducing your risk. We highly recommend using the Microsoft Authenticator app for a more secure and faster experience, as it’s considered one of the most secure verification options.

You can start setting up MFA for your account by visiting: https://aka.ms/mfasetup, sign into your Microsoft 365 account, select ‘+Add sign-in method’ and select ‘Microsoft Authenticator’ (see below for a setup guide video).

We know that rolling out new security measures can sometimes feel complex. That’s where Cactus IT comes in. Our team of experts considers enabling MFA on your Microsoft 365 accounts an essential task for all businesses and is ready to assist you. If you require any assistance with setting up Multi-Factor Authentication, or need advice on the best approach for your organisation, please do not hesitate to contact us.

You can reach the Cactus IT team by calling 01943 666 711 or emailing support@cactus-it.co.uk.

We’re here to ensure your business is protected in the best possible way.

We have included a link below that shows you how to set this up for your account once it’s been enabled by your admin.

Setup Microsoft 365 MFA multi factor

Cyber Security: Why you should have email filtering.

by

Microsoft Defender for Office 365 features

The number of SPAM, junk and phishing emails we receive each day is at the highest level that I can remember…. and I have been providing IT services for over 30 years! It’s a global problem and we are here to help you to protect your brand and company information.

Small businesses face significant cyber threats, with over 90% of cyberattacks originating from email, and phishing being the leading cause of breaches. These attacks often exploit vulnerabilities through malicious URLs, compromised accounts, or malware attachments, leading to serious consequences like account takeover and data loss. The increasing sophistication, including the use of AI in attacks, means traditional defences are struggling to keep pace.

Microsoft Defender for Office 365 offers a comprehensive, multi-layered defence against these threats (at a very resonable cost!):

  • Anti-phishing policies leverage AI and mailbox intelligence to combat impersonation and detect fraudulent senders and domains, learning normal communication patterns to identify unusual behaviour.
  • Safe Links protects against malicious URLs by rewriting them and performing time-of-click checks, preventing users from accessing dangerous sites even if a link becomes malicious after delivery.
  • Safe Attachments detonates unknown malware in a secure virtual environment, providing zero-day protection for email attachments. It can use Dynamic Delivery to minimise delays, delivering the email body while attachments are scanned.
  • Furthermore, Zero-Hour Auto Purge (ZAP) can retroactively remove malicious emails from inboxes if they are later identified as threats.

This integrated solution, building on Exchange Online Protection’s anti-spam capabilities, significantly reduces email-borne risks and helps small businesses maintain a secure email environment.

We already have this solution rolled out and setup for the majority of our customers, this is also the solution that we choose to use ourselves so we are confident in it’s effectiveness and reliability as part of an overall cyber security solution.

Whether you’re a small team or a growing business, it’s never been more important to take cyber security seriously. If you would like to increase your companies defences against the most common type of cyber attack, please get in touch so that we can assist you.

We are ofering a free 1 month trial of this filtering service for any of our IT support customers. Contact us today to book your review and take the first step toward stronger protection for your business.

📞 Call us on 01943 666711
📧 Or email: info@cactus-it.co.uk