Category: MANAGED IT Support services Dublin

Keeping track of users in your Google Workspace is essential for managing licences, maintaining security, and ensuring your organisation’s data stays organised. Whether you’re preparing for an internal audit, updating HR records, or just reviewing account activity, exporting a full list of users can save time and provide valuable insight into your organisation’s setup.

Here’s a straightforward guide to exporting a list of users directly from the Google Admin Console.

---

Step 1: Log into the Google Admin Console

Start by heading to the Admin Console at
👉 https://admin.google.com/ac/users?journey=218

You’ll need to sign in with a Google Workspace administrator account to access the Users section. Once logged in, you’ll see the main Users dashboard showing all active accounts across your organisation.

---

Step 2: Access the User Management Panel

From the user overview screen, you can view, filter, and manage all users within your organisation’s units.
Look at the top of the page and find the “Download users” option (see image below).

This feature lets you export all user information in a downloadable format, which you can easily open later in a spreadsheet.

---

Step 3: Select Download Options

After clicking “Download users”, a window titled “Download user info” will appear.

Here you can choose what type of data and format you’d like to export. To make sure you have everything, select the following options:

• Select columns:
  ✅ All user info columns and currently selected columns
  (This gives you the complete data set of up to 40 fields, including names, emails, last sign-ins, and organisational units.)
• Select format:
  ✅ Comma-separated values (.csv)
  (Ideal for use with Google Sheets, Excel, or any other spreadsheet application.)

Once you’ve made your selection, click “Download.”

---

Step 4: Open and Review Your CSV File

Your browser will automatically download a .csv file containing all user information.
You can open this file in:

• Google Sheets – perfect for cloud collaboration and live editing.
• Microsoft Excel – ideal for detailed filtering, sorting, and reporting.
• LibreOffice Calc or similar – if you prefer open-source options.

Once opened, you can easily filter by department, role, or last login time to understand how users are engaging with company tools.

This is also useful when reviewing which accounts are active, suspended, or no longer required — helping you manage licences more efficiently and reduce unnecessary costs.

---

Step 5: Keep Your User Data Up-to-Date

It’s a good idea to schedule this export periodically (e.g., monthly or quarterly). Doing so ensures your team always has a fresh list of users for HR, security audits, and compliance checks.

You can even automate this process using Google’s API tools or by connecting your Admin Console to reporting dashboards.

If you’re managing multiple domains or departments, creating filters in your spreadsheet can make analysis faster and clearer.

---

Why Exporting User Data Matters

Exporting user information from Google Workspace isn’t just a technical step — it’s part of responsible IT management.
Here are a few reasons why businesses do it regularly:

• Security checks: Identify inactive or suspicious accounts.
• Licence management: Avoid paying for unused accounts.
• Compliance tracking: Support data protection and HR record audits.
• User onboarding/offboarding: Ensure accounts are created and removed correctly.

A clear and accurate user list is the foundation of secure, compliant, and well-managed IT operations.

---

How CK Computer Solutions Can Help

At CK Computer Solutions – Managed IT Services Dublin, we help businesses make the most of their Google Workspace environments. Whether you need help exporting and managing user data, auditing accounts, or automating regular backups and security reports, our team can assist.

We can also integrate your Google Workspace data with your existing business systems, set up secure access controls, and ensure your IT operations run smoothly.
From one-off exports to complete Workspace management, CK Computer Solutions offers tailored support for your organisation’s needs.

If you’d like to streamline your Google Workspace setup or improve visibility into your user accounts, contact us today to see how we can help.

When your Google Workspace account is compromised, the impact can be devastating — from leaked company data to loss of trust with clients. Cybercriminals don’t just stop at your email inbox; once inside, they can access shared drives, calendars, and sensitive business files.

If you suspect that your Google Workspace account has been hacked, here are the exact steps you need to take to secure it quickly.

Step 1: Confirm the Breach

Look out for red flags such as:

• Emails sent from your account that you didn’t write.
• Login notifications from strange devices or locations.
• Changed security settings you didn’t authorise.

Step 2: Secure Access Immediately

1. Go to myaccount.google.com.
2. Select Security → Password and change it to a strong, unique one.
3. On the same page, select Manage all devices and Sign out of anything you don’t recognise.

https://myaccount.google.com/security-checkup

Step 3: Enable 2-Step Verification

This is the single best defence against future hacks.

1. In your Google Account → Security → 2-Step Verification.
2. Add your phone, Google Authenticator, or security key.

Step 4: Check Account Activity

Review recent logins:

• Go to Security → Recent security events.
• Look for unfamiliar devices or suspicious locations.

Step 5: Audit Third-Party Acces

Hackers often grant shady apps access to your account.

1. Go to Security → Third-party apps with account access.
2. Remove anything you don’t recognise.

Step 6: Review Email Rules and Recovery Options

Attackers may create hidden rules to forward or delete emails.

1. Open Gmail Settings → Filters and blocked addresses.
2. Delete anything suspicious.
3. Check Forwarding and POP/IMAP for auto-forwarding rules.
4. Under Security, verify recovery email and phone number.

https://mail.google.com/mail/u/0/#settings/filters

Step 7: Notify Your Team and Admin

If you’re part of a business, let your Google Workspace administrator know. They can:

• Force password resets for accounts.
• Lock out suspicious sessions.
• Review audit logs across the domain.

Step 8: Restore Data if Needed

If files or emails are missing, don’t panic.

• Use Google Vault (if your organisation has it) to recover lost emails.
• Admins can also restore files in Google Drive up to 25 days after deletion.
• For long-term safety, keep regular backups outside Workspace.

How CK Computer Solutions Can Help

Recovering from a hacked Google Workspace account is stressful, especially if sensitive client data is involved. At CK Computer Solutions – Managed IT Services Dublin, we help businesses secure, restore, and protect their Google Workspace environments.

We can:

• Proactively monitor account activity for suspicious behaviour.
• Set up multi-factor authentication and security best practices.
• Integrate email security solutions to block phishing attacks before they land in inboxes.
• Provide reliable off-site backups so no data is ever truly lost.

With CK as your IT partner, you don’t just recover from an attack — you build stronger defences against the next one.

1. What is an SVG and why do attackers love it?

Scalable Vector Graphics (SVG) is a web image format based on XML. Unlike PNG or JPG, SVG files are text files that a browser reads and renders as graphics. Because it’s text, an SVG can also contain links, scripts, and embedded elements. That dual nature—image plus code—makes SVGs incredibly flexible for designers and, unfortunately, very handy for attackers.

Reasons threat actors are leaning into SVG:

• It looks harmless. An SVG usually arrives as a “picture” of a login page, invoice, or delivery note. People trust images.
• It slips through filters. Some email and web filters treat images as low risk, especially if they’re small and unremarkable.
• It can redirect. An SVG can open a phishing site in a new tab, or silently auto-forward the user to a credential harvester.
• It compresses well. The same payload can be tiny, helping it evade size-based checks and rate limits.

2) How SVG phishing works (with simple examples)

There are three common flavours you’ll see in the wild:

1. Clickable decoy image:
   The attacker sends an SVG that visually mimics a “View Document” button. The entire image is one big link to a phishing site. The file name sells the story: Invoice_1089.svg, DocuSignNotice.svg, Zoom_Meeting_Details.svg.
2. SVG as a jump pad:
   The SVG uses an <a> tag or xlink:href inside the graphic to redirect the user. The link may be shortened or obfuscated. When the user previews or opens the “image”, the browser follows the link to a credential page dressed up as Microsoft 365, Google, Zoom, or your payroll portal.
3. Embedded script or data URI:
   Some SVGs embed JavaScript (depending on how the browser handles it) or a data: URL that decodes to HTML. The net effect is the same: the user ends up at a malicious site, or a fake login form renders right in the browser.

A simplified, recognisable snippet you might see:

There’s nothing fancy in that code—yet it’s enough to trick a busy staff member.

3) Why many security layers miss malicious SVGs

• MIME and extension whitelisting: Email gateways sometimes treat .svg as an image and don’t deeply inspect it.
• Inline rendering: Some collaboration tools preview SVGs inline, so users click before thinking.
• URL detonation gaps: If the SVG points to a redirect that only becomes malicious after a delay (time-bombing), sandboxing may miss it.
• New domains & link shorteners: Attackers rotate infrastructure to stay ahead of reputation-based filters.

4) Real-world delivery routes

Attackers aren’t fussy. They’ll use whatever works:

• Email attachments labelled as invoices, HR documents, VoIP messages, or meeting invites.
• Cloud storage links (OneDrive, Google Drive, Dropbox) where the SVG is hosted and shared “from a known brand”.
• Chat platforms (Teams, Slack, WhatsApp Business) where short, urgent messages push the recipient to “review asap”.
• Compromised websites that stuff SEO and lure staff to download a “template” or “policy” that’s actually an SVG.

5) Business impact

SVG phishing is not just a nuisance. It can lead to:

• Credential theft for Microsoft 365, Google Workspace, payroll, banking, or HR systems.
• Session hijacking if the lure captures tokens or pushes the user to approve an MFA prompt.
• Malware delivery where the SVG is the first step before a dropper or info-stealer lands.
• Business email compromise (BEC) resulting in invoice fraud or payroll diversion.

Once an attacker has an admin or finance mailbox, they can pivot quickly—creating forwarding rules, registering rogue apps, or sending internal-looking requests to suppliers.

6) Prevention for non-technical teams (the quick wins)

You don’t need to be an engineer to reduce risk:

• Treat unexpected SVGs as suspicious. Genuine suppliers rarely send image files instead of PDFs.
• Hover before you click. If your email client shows the destination URL, check it. Look closely for misspellings and odd domains.
• Use known portals. If the message claims to be DocuSign, Microsoft, or your bank, navigate there via your own bookmark—not the email.
• Pause and verify. A two-minute phone call to the sender (using a known number) beats hours of cleanup.
• Report easily. Make sure there’s a one-click “Report Phish” button in Outlook/Google Mail so your security team can act fast.

7) Technical hardening for IT teams

Here’s a layered approach that works in Irish SMEs and mid-market organisations:

Email and collaboration

• Block or quarantine SVG attachments unless there’s a legitimate business case. Create an allow-list for trusted senders if absolutely necessary.
• Rewrite and scan links (Safe Links/URL Defence equivalents) and detonate attachments in a sandbox. Ensure detonation follows redirects and re-checks links after a delay.
• Disable inline SVG previews in chat and collaboration tools where feasible.
• Strip active content at the gateway if your tooling supports SVG sanitisation.

Browsers and endpoints

• Restrict file associations: Don’t auto-open SVGs in full browsers from email clients.
• Deploy a modern browser security baseline: Enable Enhanced Safe Browsing/SmartScreen/URL reputation, block risky schemes like data: where business-appropriate, and enforce HSTS.
• Application control: Use Windows Defender Application Control / AppLocker policies to prevent unauthorised helper apps or script hosts from running.
• EDR rules: Create detections for suspicious browser children (e.g., cmd.exe, powershell.exe) spawned shortly after opening image files.

Identity and access

• Enforce phishing-resistant MFA where possible (FIDO2/WebAuthn). If that’s not feasible, use number matching and restrict legacy authentication.
• Conditional Access: Block authentication from improbable travel, newly unseen devices, or risky sign-ins.
• App governance: Monitor OAuth app consent and block end-user consent to risky scopes.

Web and application layer

• Content Security Policy (CSP): If your own sites accept SVG uploads, lock down img-src, object-src, and disallow inline scripts.
• Sanitise server-side: Strip scripts, external references, and data: URIs from user-supplied SVGs before storing or serving them.
• Use signed URLs and strict MIME types when serving images to clients.

8) Detection tips: what to look for

Teach your SOC (or managed SOC) to hunt for:

• Email patterns: A sudden spike in .svg attachments or messages with “view document”, “secure”, “encrypted”, “DHL”, “P60/P45”, “VAT”, “Zoom meeting”.
• Proxy logs: Short user sessions that begin with loading an .svg and immediately hit an unfamiliar domain, often via 302 redirects.
• Authentication anomalies: Multiple failed logins followed by an MFA push approval from the same user; impossible travel; sign-ins from headless browsers.
• Mailbox rules: Newly created auto-forwarding rules to external addresses or rules that hide replies.
• Endpoint signals: Browser spawning script interpreters or archival tools within seconds of the user opening an “image”.

9) Incident response: a practical playbook

When an SVG phish lands, time is everything. Use this as a checklist:

1. Triage and contain
   • Identify recipients and whether anyone clicked.
   • Quarantine the email everywhere (search & purge).
   • Block the malicious domain and any redirectors at DNS, firewall, and secure web gateway.
2. Validate access
   • For any user who clicked, reset passwords, invalidate sessions, and re-enrol MFA if suspicious prompts occurred.
   • Check sign-in logs for the past 7–14 days for unusual locations, devices, or OAuth consent events.
3. Harden the mailbox
   • Remove rogue mailbox rules and address forwarding.
   • Audit delegated access and app consents.
4. Forensics
   • Keep the original SVG and message headers.
   • Extract IOCs (domains, IPs, hashes).
   • Review proxy/EDR timelines around the event window.
5. Recovery and comms
   • Notify affected teams (finance, HR, suppliers) if BEC is suspected.
   • Provide user-friendly guidance: what happened, what to do, and how to avoid a repeat.
6. Lessons learned
   • Update blocklists, detections, and training material.
   • Consider a temporary, stricter email posture for high-risk roles (finance, execs).

10) Policy, training, and governance

• Attachment policies: Decide if SVGs are necessary for the business. If not, block them and document the exception process.
• Supplier due diligence: Ask vendors how they distribute documents. nudge them towards PDFs via secure portals rather than images by email.
• Role-based controls: Finance and HR should have stronger inbound filtering and stricter Conditional Access rules.
• Continuous awareness: Use short, monthly micro-lessons with real screenshots of lures you’ve seen internally—keep it relevant to your staff.
• Tabletop exercises: Run a 60-minute scenario on “SVG-led BEC” with IT, finance, and leadership. Agree who does what, and capture gaps.

Quick reference: red flags your staff can spot

• File types that don’t match the task (a picture for a document).
• Urgent language around payments, payroll, or compliance.
• Links that look like “secure-docs-login[.]com/microsoft” rather than microsoft.com.
• Requests to sign in again to view a simple file you weren’t expecting.
• Messages that arrive outside business hours from “internal” people you don’t usually hear from.

A balanced default policy that works well

If you’re unsure where to start, this baseline is sensible for most Irish SMEs:

• Block inbound .svg attachments by default; allow only for named senders on a case-by-case basis.
• Enable URL rewriting and delayed link re-scan; detonate attachments and follow redirects during sandboxing.
• Enforce number-matching MFA and block legacy auth; monitor impossible travel alerts.
• Use a DNS filtering service to stop newly registered or risky domains at the network edge.
• Put a “Report Phish” button in the email client and actually act on submissions quickly to build trust.

---

How CK Computer Solutions – Managed IT Services Dublin can help

SVG phishing sits in that awkward gap between user behaviour and technical nuance. You need both sides right. That’s where we come in.

At CK Computer Solutions – Managed IT Services Dublin, we help Irish businesses reduce phishing risk without slowing the day-to-day work:

• Email security configuration: We tune Microsoft 365/Google Workspace policies to quarantine risky file types like SVG, enable URL rewriting, and set up sandboxing that re-checks delayed redirects.
• Identity hardening: We roll out phishing-resistant MFA (or best-practice MFA with number matching), Conditional Access, and session controls so a single click doesn’t become a full breach.
• Endpoint & browser baselines: We deploy practical Windows security baselines, application control, and EDR detections that spot suspicious behaviour after an “image” opens.
• Awareness training that sticks: Short, role-based sessions using real examples (including SVG lures) sent to your teams. No scare tactics—just tools people remember.
• Monitoring & response: Our managed service watches your email and identity logs for patterns that point to SVG or image-led phishing, and we jump on containment fast—blocking domains, invalidating sessions, and cleaning up mailbox rules.
• Policy & governance support: We’ll help draft and implement attachment handling policies, supplier requirements, and exception workflows so the business keeps moving while staying safe.

If you’d like a quick health check on your current setup—or want us to test how your filters handle a benign SVG sample—reach out to CK Computer Solutions. We’ll tailor a plan that fits your organisation, your budget, and the way your people actually work.

Phishing remains one of the most effective ways cybercriminals infiltrate businesses. While most people know to be cautious of suspicious attachments or links, attackers are becoming increasingly sophisticated in disguising their scams. One of the latest tactics involves fake Zoom document invites, designed to trick recipients into handing over their login credentials.

With remote and hybrid working now a permanent part of business life, employees are accustomed to receiving Zoom meeting invitations and shared links. This makes Zoom-branded phishing emails particularly convincing and dangerous if not identified quickly.

---

What is a Zoom Document Phishing Link?

A Zoom document phishing link is a fraudulent email or message crafted to look like it came from Zoom. Instead of delivering a genuine meeting invite or document, it lures the recipient into clicking a malicious link.

The message often contains wording such as:

• “You are invited to view a document”
• “Support Document has shared a file with you”
• “Click here to access your meeting notes”

These messages are designed to create urgency and curiosity, encouraging users to click without thinking.

In reality, Zoom does not provide a service called “Zoom Docs” or “Zoom Documents.” Any such message is a clear sign of a phishing attempt.

---

How These Scams Work

The scam follows a predictable but effective pattern:

1. The hook – An email lands in your inbox looking like it’s from Zoom, complete with branding and buttons.
2. The lure – The email urges you to click a “View Document” or “Open Doc” link.
3. The trap – Instead of taking you to Zoom, the link redirects to a fake login page.
4. The theft – If you enter your Microsoft 365, Gmail, or Zoom credentials, attackers capture your details instantly.
5. The aftermath – Cybercriminals use the stolen information to access business emails, sensitive files, or even spread further phishing campaigns from your account.

The example screenshot you shared shows this clearly: vague messaging, suspicious sender details, and fake buttons that don’t lead anywhere legitimate.

---

Red Flags to Watch Out For

While some phishing emails are poorly written, others can be very convincing. Always look for these warning signs:

• Unknown sender – The email claims to be from Zoom but comes from an unfamiliar or strange domain.
• Generic messages – “You are invited to view document” without context is a big red flag.
• Unrealistic services – Zoom does not offer “Zoom Docs.”
• Suspicious links – Hovering over the link reveals it does not lead to zoom.us.
• Urgency and threats – “View immediately” or “Your account will be suspended” tactics.
• Brand inconsistencies – Logos stretched, incorrect colours, or poor formatting.

Training your team to recognise these signs can stop a phishing attack before it succeeds.

---

Why Businesses Are Being Targeted

Cybercriminals know that businesses rely heavily on collaboration tools like Zoom. By imitating them, attackers gain a higher chance of success. There are several reasons why SMEs in particular are targeted:

• High email traffic – Staff receive multiple meeting invites daily, so fake ones blend in.
• Lower security awareness – Not all companies run regular phishing training.
• Credential value – Stolen Microsoft 365 or Google Workspace logins can open up an entire company’s systems.
• Gateway for larger attacks – Once inside, attackers may launch ransomware, data theft, or financial fraud.

---

Consequences of Falling Victim

The damage from a successful phishing attack can be severe:

• Data breaches – Sensitive customer or business data may be exposed.
• Financial loss – Attackers could initiate fraudulent payments or demand ransom.
• Reputation damage – Clients may lose trust if their information is compromised.
• Regulatory penalties – Under GDPR, businesses face heavy fines for data breaches caused by negligence.
• Operational disruption – Compromised accounts can paralyse day-to-day work.

For SMEs, even a single phishing incident can cause long-lasting harm.

---

Practical Steps to Protect Your Business

The good news is that businesses can take proactive steps to defend against these scams.

1. Implement email filtering – Use advanced filters to catch phishing attempts before they hit inboxes.
2. Educate employees – Run regular training sessions with real-world phishing examples.
3. Enable multi-factor authentication (MFA) – Even if credentials are stolen, MFA provides a second layer of protection.
4. Keep software updated – Outdated systems are easier to exploit.
5. Establish reporting procedures – Make it easy for staff to flag suspicious emails.
6. Test with phishing simulations – Conduct controlled phishing tests to measure awareness.

A layered security approach reduces the chance of a single click causing catastrophic damage.

---

How CK Computer Solutions Can Help

At CK Computer Solutions – Managed IT Services Dublin, we specialise in keeping businesses safe from threats like phishing. Our services include:

• Email security solutions – Filtering and protection to stop malicious links before they reach your staff.
• Cybersecurity awareness training – Practical sessions to teach your team how to spot scams like fake Zoom document invites.
• Multi-factor authentication setup – Adding an extra layer of protection across your Microsoft 365, Zoom, and other critical accounts.
• Continuous monitoring and support – We watch your systems 24/7, responding rapidly to suspicious activity.
• Strategic IT partnership – Beyond security, we ensure your entire IT environment is efficient, compliant, and future-proof.

By partnering with CK Computer Solutions, you gain not only protection from threats like Zoom phishing attacks but also a trusted IT partner invested in your business success.

There are three main relay methods in Microsoft 365:

---

1. SMTP Client Submission (Preferred if possible)

• Uses port 587 with TLS and authentication (username + password).
• Works best for apps/devices that support modern authentication.
• Each device must be configured with a licensed mailbox account.
• Settings:
  • SMTP server: smtp.office365.com
  • Port: 587
  • Encryption: TLS
  • Username: mailbox email address (e.g. scanner@yourdomain.com)
  • Password: mailbox password / app password (if MFA enabled).

---

2. Direct Send

• Sends mail directly to Office 365 without authentication.
• Only works when sending to internal recipients (inside your domain).
• Useful for devices that cannot authenticate.
• Requirements:
  • Device must be on your public IP that’s allowed in Exchange Online.
  • Use your Microsoft 365 MX endpoint as the SMTP server (e.g. yourdomain-com.mail.protection.outlook.com).
  • Port: 25
  • TLS: optional, but recommended.

---

3. Office 365 SMTP Relay (Connector-based)

• More flexible: allows sending to internal and external recipients.
• You create a mail flow connector in Exchange Online that authorises by public IP address.
• Steps:
  1. Log into Microsoft 365 Admin Center → Exchange Admin Center.
  2. Go to Mail flow → Connectors → Add new.
  3. Choose:
     • From: Your organisation’s email server
     • To: Office 365
  4. Give it a name (e.g. “Office devices relay”).
  5. Specify the public IPs of your devices/apps that will send mail.
  6. Save connector.
  7. Configure devices/apps with:
     • SMTP server: yourdomain-com.mail.protection.outlook.com
     • Port: 25
     • No authentication needed.
     • TLS if supported.

---

✅ Which option should you choose?

• If device supports authentication → use SMTP client submission.
• If only internal mail → direct send.
• If external mail needed & no authentication support → connector-based relay.

Online scams are getting smarter. They no longer just come in the form of badly written emails or obvious pop-up ads. Now, many fake websites look polished, professional, and almost identical to the real thing. For businesses and individuals alike, knowing how to spot a scam site could save you from financial loss, data theft, or malware infection.

Recently, we’ve seen scam websites impersonating popular Irish attractions, such as Kilmainham Gaol Museum in Dublin. The legitimate website is:

✅ www.kilmainhamgaolmuseum.ie

However, fake versions have popped up with slightly altered web addresses, such as:

❌ kilmaingoal.icu
❌ kilmaingoalhummuseum.sbs

On first glance, these scam sites may look real — but if you know what to look for, the warning signs are clear.

---

1. Check the Website Address (URL) Carefully

Scam websites often use misspellings or extra words in their domain names. In our example, the real museum’s domain is kilmainhamgaolmuseum.ie, but the fakes used kilmaingoal instead of kilmainhamgaol, and swapped the .ie for unusual extensions like .icu or .sbs.

Tip: Always check the spelling letter by letter. A single misplaced character could be the difference between a safe site and a scam.

---

2. Look for a Secure Connection – But Don’t Rely on It Alone

Legitimate websites use HTTPS (you’ll see a padlock icon in the browser address bar). While scam sites can also get basic security certificates, a missing padlock is an instant red flag.

However, just because a site has a padlock doesn’t mean it’s safe — it only means the connection is encrypted, not that the site is legitimate. Always check HTTPS and the domain name together.

---

3. Check the Domain Extension

Scammers often use cheap, obscure domain extensions like .icu, .sbs, .xyz, or .top to avoid detection. While there’s nothing inherently wrong with these extensions, you should be cautious if a well-known Irish business is suddenly using one instead of the expected .ie or .com.

---

4. Analyse the Website Design and Content

Some scam sites copy design elements from the real website, but there are usually subtle differences:

• Low-quality or stretched images
• Poor grammar or awkward phrasing
• Missing contact details or vague “About Us” sections
• No consistent branding across pages

If something feels “off”, it probably is.

---

5. Search for the Site on Google – and Compare

If you suspect a site might be fake, search the company or organisation’s name on Google and see what comes up. The real site will usually appear at the top and be consistent with official contact details.

For example, a search for Kilmainham Gaol Museum clearly shows the official .ie domain and Google Business listing, making it easy to identify the imposters.

---

6. Verify Contact Information

A legitimate business will have verifiable contact details:

• A physical address you can confirm
• A working phone number
• An official email address linked to the domain name (e.g., info@kilmainhamgaolmuseum.ie)

Scam sites often use free email addresses (like Gmail or Outlook) or omit contact info entirely.

---

7. Look for Typos, Mismatched Fonts, or Broken Links

Small errors can be a scammer’s downfall. Check if the site has:

• Spelling mistakes in menus or headings
• Inconsistent font styles or colours
• Links that lead to unrelated or broken pages

These are common on hastily built scam sites.

---

8. Use Scam-Checking Tools

If you’re unsure, you can paste a URL into a site-checking tool like:

• Google Safe Browsing
• ScamAdviser
• Whois Lookup

These tools can reveal how recently the site was created, who owns it, and whether it’s been flagged as suspicious.

---

9. Watch Out for Unrealistic Offers

If a site is offering something too good to be true — whether it’s free tickets, huge discounts, or priority bookings — be extra cautious. Scammers use these tactics to lure you in quickly before you think twice.

---

10. Report the Scam

If you encounter a fake website, report it to:

• Garda National Cyber Crime Bureau
• FraudSMART
• The company or organisation being impersonated

Reporting helps protect others and can get the site taken down faster.

---

Protecting Your Business from Website Impersonation

If scammers can impersonate a major Dublin museum, they can impersonate your business too. That’s why strong cybersecurity and proactive monitoring are essential.

This is where CK Computer Solutions – Managed IT Services Dublin can help. As your trusted IT partner, we can:

• Monitor for domains impersonating your business
• Set up domain and brand protection alerts
• Provide staff training to recognise phishing and scam attempts
• Secure your website with advanced threat detection
• Implement data protection policies to safeguard your customers

A scam website can damage your reputation in minutes. We help ensure your business stays one step ahead of the scammers, keeping your online presence safe and your customers protected.

How to Identify a Scam Website?

Online scams are getting smarter. They no longer just come in the form of badly written emails or obvious pop-up ads. Now, many fake websites look polished, professional, and almost identical to the real thing. For businesses and individuals alike, knowing how to spot a scam site could save you from financial loss, data theft, or malware infection.

Recently, we’ve seen scam websites impersonating popular Irish attractions, such as Kilmainham Gaol Museum in Dublin. The legitimate website is:

✅ www.kilmainhamgaolmuseum.ie

However, fake versions have popped up with slightly altered web addresses, such as:

❌ kilmaingoal.icu
❌ kilmaingoalhummuseum.sbs

On first glance, these scam sites may look real — but if you know what to look for, the warning signs are clear.

---

1. Check the Website Address (URL) Carefully

Scam websites often use misspellings or extra words in their domain names. In our example, the real museum’s domain is kilmainhamgaolmuseum.ie, but the fakes used kilmaingoal instead of kilmainhamgaol, and swapped the .ie for unusual extensions like .icu or .sbs.

Tip: Always check the spelling letter by letter. A single misplaced character could be the difference between a safe site and a scam.

---

2. Look for a Secure Connection – But Don’t Rely on It Alone

Legitimate websites use HTTPS (you’ll see a padlock icon in the browser address bar). While scam sites can also get basic security certificates, a missing padlock is an instant red flag.

However, just because a site has a padlock doesn’t mean it’s safe — it only means the connection is encrypted, not that the site is legitimate. Always check HTTPS and the domain name together.

---

3. Check the Domain Extension

Scammers often use cheap, obscure domain extensions like .icu, .sbs, .xyz, or .top to avoid detection. While there’s nothing inherently wrong with these extensions, you should be cautious if a well-known Irish business is suddenly using one instead of the expected .ie or .com.

---

4. Analyse the Website Design and Content

Some scam sites copy design elements from the real website, but there are usually subtle differences:

• Low-quality or stretched images
• Poor grammar or awkward phrasing
• Missing contact details or vague “About Us” sections
• No consistent branding across pages

If something feels “off”, it probably is.

---

5. Search for the Site on Google – and Compare

If you suspect a site might be fake, search the company or organisation’s name on Google and see what comes up. The real site will usually appear at the top and be consistent with official contact details.

For example, a search for Kilmainham Gaol Museum clearly shows the official .ie domain and Google Business listing, making it easy to identify the imposters.

---

6. Verify Contact Information

A legitimate business will have verifiable contact details:

• A physical address you can confirm
• A working phone number
• An official email address linked to the domain name (e.g., info@kilmainhamgaolmuseum.ie)

Scam sites often use free email addresses (like Gmail or Outlook) or omit contact info entirely.

---

7. Look for Typos, Mismatched Fonts, or Broken Links

Small errors can be a scammer’s downfall. Check if the site has:

• Spelling mistakes in menus or headings
• Inconsistent font styles or colours
• Links that lead to unrelated or broken pages

These are common on hastily built scam sites.

---

8. Use Scam-Checking Tools

If you’re unsure, you can paste a URL into a site-checking tool like:

• Google Safe Browsing
• ScamAdviser
• Whois Lookup

These tools can reveal how recently the site was created, who owns it, and whether it’s been flagged as suspicious.

---

9. Watch Out for Unrealistic Offers

If a site is offering something too good to be true — whether it’s free tickets, huge discounts, or priority bookings — be extra cautious. Scammers use these tactics to lure you in quickly before you think twice.

---

10. Report the Scam

If you encounter a fake website, report it to:

• Garda National Cyber Crime Bureau
• FraudSMART
• The company or organisation being impersonated

Reporting helps protect others and can get the site taken down faster.

11. Check the Age of the Website

Most scam websites are brand new — often registered just days or weeks before they go live. You can check how old a site is using a WHOIS lookup tool (such as Whois.domaintools.com or ICANN Lookup).

If a website claiming to represent a well-established business was only created very recently, that’s a major red flag.

---

Protecting Your Business from Website Impersonation

If scammers can impersonate a major Dublin museum, they can impersonate your business too. That’s why strong cybersecurity and proactive monitoring are essential.

This is where CK Computer Solutions – Managed IT Services Dublin can help. As your trusted IT partner, we can:

• Monitor for domains impersonating your business
• Set up domain and brand protection alerts
• Provide staff training to recognise phishing and scam attempts
• Secure your website with advanced threat detection
• Implement data protection policies to safeguard your customers

A scam website can damage your reputation in minutes. We help ensure your business stays one step ahead of the scammers, keeping your online presence safe and your customers protected.

We’ve all had that moment — the mobile rings from a strange number, or a text pops up claiming to be from your bank. You pause, hesitate, and then the sinking feeling hits. “Is this legit… or a scam?”

Well, thankfully, the powers-that-be are doing something about it.

Ireland’s communications regulator, ComReg, has introduced a new “Likely Scam” warning system for mobile calls. It’s a step in the right direction — and a particularly important one for small and medium-sized businesses across the country who are on the frontlines of phone-based communication.

Let’s break down what’s happening, how it works, and what you can do to stay ahead of the curve.

---

What Is the “Likely Scam” Warning?

The new system automatically labels suspicious calls with a warning on your mobile screen. So, instead of just seeing an unknown number, you might now see:

📱 “Likely Scam”

This feature helps flag calls that appear to spoof real numbers, use known scam patterns, or exhibit suspicious calling behaviour — the kind we’ve seen rise sharply over the past few years.

It’s not blocking the call, just giving you a heads-up. You can still answer if you choose — but now with a much clearer idea of what might be waiting on the other end.

---

How Does the Scam Alert System Work?

The warning system is built into the mobile network layer. Here’s a simplified overview:

1. Telecom providers monitor traffic patterns – These include high-volume, short-duration calls, or calls from numbers that look like Irish numbers but originate from abroad.
2. Suspicious activity is flagged – If a call matches the behaviour of known scams, the network applies the “Likely Scam” label before the call reaches your device.
3. The label appears on your screen – Just like “Private Number” or “No Caller ID,” it gives you a warning in advance.

This system has already rolled out across major Irish mobile networks like Vodafone, Three, and eir. No setup is required by the user — it’s all managed at the network level.

---

Why This Matters for Irish Businesses

If you’re running a business in Ireland — whether you’re in retail, services, trades, or tech — your phones are a lifeline. Scam calls aren’t just annoying; they can be dangerous.

Here’s how they cause real problems:

• Wasted time: Staff lose productivity answering junk calls.
• Data breaches: A well-timed phishing call might trick someone into giving out client or system info.
• Reputation damage: If a scammer spoofs your number and contacts others, it reflects badly on your brand.
• Stress and confusion: Constant spam calls erode trust in phone communication and lower morale.

Now, with the “Likely Scam” system in place, you’ve got another tool in the arsenal to defend your staff and your customers from fraudulent activity.

---

What You Can Do To Protect Your Team and Clients

While the ComReg update is brilliant, it’s just one piece of the puzzle. There are other steps Irish businesses should take to stay cyber-safe:

1. Educate your staff

Hold regular training sessions on how to spot scam calls, phishing texts, and dodgy emails. A five-minute chat could prevent a five-figure loss.

2. Review call handling procedures

Make sure staff verify unexpected requests, especially ones involving passwords, payment details, or system access.

3. Use secure communications platforms

If your team relies on mobile phones, consider pairing them with secure apps like Microsoft Teams or encrypted VoIP services.

4. Enable call filtering

Some mobile devices and VoIP platforms allow for automatic call blocking or routing unknown numbers to voicemail.

5. Have an IT policy in place

Include clear steps on how to report suspicious calls, texts, or voicemails. Quick action can prevent further risk.

---

How CK Computer Solutions Can Help

At CK Computer Solutions – Managed IT Services Dublin, we work with businesses across Ireland to secure their communications, devices, and systems.

Our managed services go beyond basic support:

• Call Security: We help configure VoIP and mobile setups with added filtering and spam protection.
• Staff Cybersecurity Training: We deliver tailored training sessions on recognising scam calls and social engineering tactics.
• Incident Response: If a staff member does fall victim to a scam, we help contain the breach, investigate what happened, and patch the gap.
• Policy Development: We work with you to create practical, realistic communication policies that protect both your staff and your reputation.

Think of us as your IT partner — not just a helpdesk, but an embedded part of your team, always watching your back.

Whether you’re a small office or a multi-site operation, CK Computer Solutions can help you stay ahead of emerging scams and tighten your tech defences.