Most Phishing Emails Originate at Common Domains
The first way to recognize a phishing email is that most originate from a public email domain.
There are few legitimate organizations that will send emails from an address that ends in @gmail.com, not even Google does this.
To check an organization’s name, type it into a search engine.Most of the time, organizations have their own email and company accounts and don’t need to use an @gmail.com address.
Check the Spelling of the Domain, Carefully!
There is another clue hidden in domain names that shows a strong indication of the scam.
Anyone can purchase a domain name from a website. There are many ways to create addresses that are easily confused with the official domain of a brand or company. The most common ways include slight mis-spellings of the domain name, or by changing one character to a number or letter that resembles the original. Be extra vigilant for these types of spoofing attempts.
Grammer and Spelling Counts
It’s often possible to tell if an email is a scam if it has poor spelling and grammar. Odd terminology or phrasing is also a clue. For example, your bank is unlikely to misspell the word checking or account, and they would not usually call an ATM machine a “cash machine”. These clues can be subtle, but often indicate that an email is not what it claims to be.
Beware of Potentially Malicious Links and Attachments
Sometimes, the wording in an email might be right, but the links send you to somewhere unexpected on the web. You can check this out in most clients and browsers by simply hovering the mouse cursor over the link without clicking on it. That’s an easy way to know where the link is taking you, and note that it might be somewhere other than what the links says it is.
You should always beware of attachments in emails. Everyone knows that malicious code and ransomware can be hiding in documents, spreadsheets and such, but they can also appear to be image files, presentations, PDFs and most types of documents. If you aren’t expecting the attachment, delete it!
Too Good To Be True
Lastly, if the offer is too good to be true, it probably is. Few people have won the lottery and been notified by email. Even less have been chosen for random gifts or to receive inheritance from Kings and Queens. Don’t be gullible, and remember, scammers are out there, and they want to trick you.
What to Do When You Spot a Phish
The first thing is to delete the email and attachments. If it is a work email, you should also notify the security team that you received it. They can investigate, as needed. In some firms, they may want you to forward it to a specific email address for the security team, but most security teams can recover the email information even if you delete it. Follow their instructions.
At home, just delete the email and tell your family and friends about it. The more folks are aware of what’s going around, the less likely there are to fall into the trap.
We’d love to discuss phishing attacks, emerging threats or common security controls for organizations. Reach out to firstname.lastname@example.org or give us a call at 614-351-1237 for help.
Thanks for your attention, and until next time, stay safe out there.