Simple tips for identifying phishing emails

How can you help in the fight against phishing schemes?  The most simplistic answer is, don’t click on fraudulent emails.  But distinguishing between phishing and genuine emails is not always so clear-cut.  A few simple tips can help tilt the fight in your favor.

Personally, the first and main thing I do is to see if I recognize the sender.  Obviously, not everyone who sends you an email will be someone you know, so let’s start off with that category.  The key here is the subject line: specifically its spelling and grammar.  No one likes accusations of being the grammar police, but in this case it’s a mindset that can help prevent cybercrime against your organization.  Even if it’s just one letter, if something in the header seems a little off, it’s ok to get suspicious.

The next step from there, if you’re still not sure, is to check the email address of the sender.  On a computer or laptop, you can do this simply by hovering over the sender’s name in your inbox, without even needing to open the email.  Generally, the phishing addresses reveal themselves at least by this stage.  But what if you’re dealing with an exceptionally clever cybercriminal?  Maybe you still feel the need to at least check the email itself.  This is not something I’d recommend, but if you do find yourself opening the message, even accidentally, do nothing else.  Stop right there.  Is there an attachment?  Don’t download it.  Is there a link, and a message asking you to click or send or donate something?  If you’ve been suspicious to this point, don’t do it.  At most, hover over the link, like with the sender’s name as mentioned, to check how the URL looks.  Anything that sets off even the smallest alarm bells means you’re safer not clicking.

Another option, in the event the sender appears to be someone you know, yet the email still seems strange, is to contact the person directly and ask them.  That should resolve the issue right there.

Security Boulevard’s Stu Sjouwerman has further advice for cases involving even more sophisticated attackers, and how you can trace an email header back to its source.  Using the IP address you find, you can cross-reference the true location with where the sender claims to be, in case of any disparity.  All the steps and details are explained fully in the article.

Practicing this level of caution regarding your emails will eventually make it habit.  In the battle to protect your company from hackers, don’t be the weak link, or click the risky one.


By: Jonathan Weicher, post on June 3, 2020
Originally published at: http://www.netlibsecurity.com
Copyright: NetLib Security