Close

July 20, 2017

Phishing – Think before you click and how to identify fake emails

Phishing example

Ransomware is on the rise with more than 4000 ransomware attacks occurring every day since the beginning of 2016. (source: https://www.justice.gov/criminal-ccips/file/872771/download) So, in light of this, we thought it prudent to talk about one of the common methods of spreading such devious infections, phishing.

Phishing

Phishing is the fraudulent practice of sending emails disguised as reputable companies or persons in order to get people to give out personal information, ie passwords and credit card numbers.

Here are 7 tips on how to identify phishing emails

Tip 1: Double-check the sender

Cyber criminals will often try to make the senders display name and email look as authentic as possible. So, first thing you should do is check and verify who is sending you the email. Look at their email address and if it looks suspicious, don’t open the email!

Tip 2: Think before you click

If there are any links in the email hover over them first to see the full link address, if that looks phishy then don’t click on it. You can test the link by typing the address in directly in a new browser window.

Tip 3: Check for spelling mistakes

Legitimate messages do not often have huge spelling mistakes. Most brands take their emails seriously and consider it a matter of professionalism to maintain spelling, grammar, and punctuation in their correspondence. Again, if it looks suspicious don’t trust it!

Tip 4: Be wary of urgent or threatening emails

A common phishing tactic will attempt to instill a sense of urgency and threat in the hopes it will cause you to react before you think. This can come in the form of “account has been suspended” or “unauthorized login attempt”. Just remember no one will ever ask for your personal information in an email.

Tip 5: Review the signature

Legitimate businesses will always provide contact details usually at the bottom of the email in the form of a signature. If there are details lacking or no signature at all then you are likely looking at a phishing attempt.

Tip 6: Do not click on attachments

Attachments are the easiest way to release an infection on your system. Don’t open anything that you weren’t expecting and always double check file extensions. Scammers will often try to dupe users by trying to disguise attachment files as other file extensions. Ie, worddocument.docx.exe – .exe is an executable and once clicked will begin installing something on your computer. Always be wary of attachments!

Tip 7: Don’t believe everything you see

Phishers are practiced at what they do and they constantly find success through their methods. They have become experts at spoofing brands and giving as much legitimacy to the appearance of emails. Always be skeptical when it comes to your emails – trust your gut and if it looks suspicious then don’t click on it.

For more information about different types of phishing click the link below:
Different types of attacks