Companies that have a well-defined hierarchy and clear communication processes (and that are known to everyone) are more likely to not fall into simpler scams.
If the entire service team knows that the company president will never send an email to them requiring access to a platform, the likelihood of them not falling into a trap like this is much greater.
When employees know how internal communication works, the chances of being the target of spear phishing are reduced, as they will not be effective when an attempt is made to simulate internal communication.
The professionals will examine and evaluate security strategies and defenses. It is the responsibility of the Cyber Security Specialist to create new defensive systems and protocols.
Stay tuned for details
Do not get attached to the layout of the email. Even if there is an art inserted in the messages or something like that, know that replicating this material is very simple, therefore, attention should be on the details.
Analyze the language adopted, the terms used (example: some companies do not use the word employees, only employees, so if it is present in the message, it already becomes a point of distrust) and the way to communicate.
In some cases, small errors in Portuguese or in the spelling of names can attest that the message did not come from a reliable sender. Also analyze other factors, such as sender's email, signature used and date and time of sending, all of which can help you identify a scam.