Originally posted on https://www.astutetm.com/2019/07/5-tips-to-spot-a-phishing-email/
Phishing emails are an attempt to obtain sensitive or personal information such as usernames, passwords, financial or personal details by scammers who have disguised themselves as a legitimate business or person. The intent is to use this information for illegal purposes. Phishing has been around for more than 20 years, first coined as a phrase somewhere around 1996 by hackers stealing America Online (yes, AOL) information. While the hacking world is constantly changing and evolving its methods to fool the end user, below are 5 things to look for that are immediate red flags an email is a phish.
1. Obvious Grammar and Formatting Errors
While this seems like it should be an obvious clue that the email is a fake, thousands of end users fall victim to emails addressed to “Dear” or “Dear Customer” with no other identifier in the greeting. The unfortunate result of a world desensitized to the personal touch associated with human interaction. Users don’t seem to mind that companies won’t always remember a customer’s name.
Phishing emails also often contain different fonts and font sizes from paragraph to paragraph or even sentence to sentence. They may also lack appropriate punctuation or contain misspelled words. In some emails the phisher will also frequently use the word “kindly” as in “Kindly reply by the end of the day with the information requested”.
Often the scammer resides in a country outside the target’s residence. The scammers just aren’t familiar with the language or grammar of their target and this comes through in their poorly written email. A strategy behind this? Selecting gullible targets means a higher likelihood the scammer will get the information they need. In other words, if the end user doesn’t notice misspelled words, inappropriate or missing punctuation and varied font, they may be more likely to click a link or attachment intended to harm their credentials.
2. Claims That There is a Problem or Reward with an Associated Sense of Urgency
Phishing emails will regularly claim that there is a problem with an account, an overdue invoice or that suspicious activity has been noted. They will often note that urgent action is required to fix the issue. The diligent end user is immediately confused or scared and, in an effort to clear up their good name, quickly enters personal information to correct the error.
Eligibility for free items are also good bait for the phisher. “Click Here to Claim Your Free Pizza” is a good one especially when sent out on a Friday or just before a holiday. Gift cards from popular web retailers are also prime bait. It’s become so problematic that large online retailers like Amazon have designed entire web pages to help their consumers spot fakes. Often the supposed reward will expire if not claimed immediately or within a short time frame.
3. There’s a Suspicious Attachment or Link
A phishing email may contain fake invoices, attachments or links. These attachments or links make it easy for the end user to enter information or payment methods.
Phishing emails frequently are impregnated with malware or ransomware that, once a link or attachment is clicked, will download viruses to the user’s computer. Some viruses will enable the hacker to sit silently behind the scenes (referred to as Advanced Present Threats) and gather data: user patterns, keystrokes and other personal information. They gather this data over several days, weeks or months until the hacker deems it safe to execute their attack. This delay is strategic on behalf of the cybercriminal in that the user will likely not remember the suspicious email they clicked on that could be associated with their hacked bank account. According to the Verizon Data Breach Investigations Report, 30% of phishing messages get opened by target users and 12 % of those users click on the malicious attachment or link. These numbers tell us that phishing methods work, time and time again.
4. There’s Something Off in The Web or Email Address of The Sender
Hackers will try to mimic a legitimate web or email address as closely as possible to fool the end user. Unless the end user looks closely, the bogus information is easily missed. An example provided by Stay Safe Online would be @airbnb.work as opposed to @airbnb.com (notice the .work opposed to the .com). Hackers will sometimes add an additional letter, number or symbol to a legitimate URL or email that blends in so the phishing email is easily missed.
5. The Signature Lacks Detail
Legitimate emails will typically contain the information you need to contact the sender. Many phishing email attempts will appear to come from an internal domain, a CEO or CFO. These emails can be potentially devastating to SMB’s as the target is usually someone in HR or Accounting who is eager to respond and please their superior. End users should be on the look out for an email from a high-level executive in their own organization who is sending them communication with an informal or absent signature.
You Received a Phishing Email, Now What?
- If the email came from someone within your organization, or someone you know. Pick up the phone and call the sender (don’t reply to the email).
- If the email contains a link, copy and paste the link into isitphishing.ai. This will help you determine if the link is malicious.
- If the email contains an attachment, don’t open it. Think the attachment actually might be legit? Go to the sender’s trusted website directly (by entering the address in browser manually) and download the attachment.
- Forward it along to your IT support team or provider for review.
How to Stop Phishing Emails
The best way to stop phishing emails is to utilize an effective email filtering system. Filtering inbound and outbound email is essential to protecting not only your business’s confidential information but also its reputation. Hate getting spammed? Your customers will hate getting spammed by you via an outbound email hack even more.
Train users with Security Awareness Training and test them via simulated phishing. According to Ponemon Institute’s 2017 State of Cybersecurity in SMB 54% of data breaches were caused by a negligent employee or contractor. Cybersecurity training doesn’t have to be expensive or boring. For SMB’s who utilize a Managed IT Services provider, ask your provider if Security Awareness Training is included in your contract. Testing employees also helps overcome the perpetual “Rules don’t apply” or “That stuff only happens to other people” mentality. And managers of employees who regularly catch the test phishing attempts can use this for employee recognition!
Phishing Isn’t Going Away
Studies show cyber attacks year over year are becoming more targeted, more severe in terms of negative consequences and more sophisticated. The profitability of these attacks and anonymity available on the dark web to cybercriminals means SMB’s must continue to stay on top of cyber defense.
Partnering with an experienced IT support provider like Astute Technology Management can ensure your business maintains a secure network via industry best practices. Serving Columbus Ohio and Cincinnati Ohio since 1998 with industry leading partnerships in the cybersecurity industry means your business will stay up and running day in and day out.