6 Ways to Identify a Phishing Email
How to Spot a Fake Email
Phishing continues to be one of the most prevalent ways to gain unauthorized access and steal money from businesses or individuals. Over 86,000 phishing websites were discovered per month towards the end of last year. Use these 6 steps to keep yourself and your business safe:
1. Suspicious Sender Address
Email applications can only do so much when it comes to protecting you from phishing attacks. Scammers often buy domain names similar to the one they are trying to spoof. For example, a phisher could be trying to imitate acmebank.com, so he might use cmebank.com in hopes that your eyes are tricked by using “@” to make up for the “a”. Take time to read the email address carefully to make sure it’s from a trusted sender.
2. Sense of Urgency
While phishers are not limited in who they try to imitate, they typically try to copy banks, payment providers, cloud logins (Microsoft or Google), or disaster relief organizations. Their goal is obvious: Get you to take action on the email. To do this, they need to portray a sense of urgency. This is usually done by telling you that your finances are at risk, your account is being closed, or some other negative action.
3. Generic Greeting
In a time when marketing is increasingly personalized, it’s very rare that you would receive an email that has a generic, non-personal greeting. Trusted organizations almost always address you by name, especially if your action is required on something.
4. Spelling and Grammar Mistakes
Spelling and grammar mistakes are one of the easiest ways to spot a phishing email. Legitimate companies always proofread their communication before publishing. Run-on sentences, misspelled words, and odd phrases are all indicators that the email is fake.
5. Link to Invalid Domain
The ultimate goal of phishing emails are to collect sensitive information. The most common way this is done is by redirecting you to an online form, which has the appearance of a real website. It’s very easy to make a link “look” real. The text in the email may look like a real website, but where the text is linked may be completely different.
6. Suspicious Attachments
A more heinous tactic is to attach files to an email. Their hope is that you view or download the file, which can scan for sensitive information, deploy a virus, or even worse… give the scammer access to your entire computer. This can then be used as a starting point for the scammer to target other users in your organization using your email address.
How to Defeat Phishing
Phishing is best combatted with a combination of prevention tools and user education. Veeya provides services and tools that are designed to keep you safe from phishing. This is done by using image detection and domain analysis to identify phishing sites before anything is compromised. Contact us to learn more about how we can help protect you and your organization from phishing.