Scams used to be easy to spot: they had tacky and over-the-top premises like Nigerian princes asking for assistance to transfer money out of their country. Now, cybercriminals have become more subtle, using a technique called social engineering, which involves sending fake emails that prey on victims’ trust by posing as coming from authentic sources. These emails trick unsuspecting victims into giving up confidential information, or prompts them into clicking on a malware-infected attachment. Here are some red flags that will help you spot a phishing email.
☐ You’re asked to confirm personal information
Be suspicious of emails asking you to confirm personal information like banking details or login credentials. This is a common tactic cybercriminals use to commit fraud or infiltrate a system that requires login credentials such as a client portal.
What you should do:
If there’s ever a sliver of a chance that the email is authentic, contact the organization that supposedly sent the email. Do not use any of the contact details found in the email, as they may be compromised. Instead, visit that organization’s website and send a request through their Contact Us page or contact them over the phone.
☐ It contains a suspicious attachment or link
If you receive an email from a company out of the blue and it has an unwanted attachment or link, you should be on high alert. The attachment itself may contain malware and the link may redirect you to a site that’s full of them, instantly infecting your device, or worse, holding it hostage.
What you should do:
Don’t even think of clicking on that link. Always type your links manually, or access the site from your web history. You can also hover your cursor over the suspicious link to see if the target URL matches the display text. Even if there’s a chance that the attachments seem harmless and were sent with good intentions, don't open them without running your email security software and informing your IT department.
☐ The email pushes you to panic
Phishing emails have perfected the craft of instilling panic in the reader. The email may mention something about your account being compromised so you need to provide personal information to get it back, or it may threaten you with account termination if you don’t verify your payment details. If the request in the email is unreasonable and demands immediate action, it’s most likely a scam.
What you should do:
No responsible company will threaten their client or pressure them without cause. Do not interact with the sender; just delete it. And if you want to be sure, write a new email to the company who supposedly sent the letter. Do not use the reply option.
☐ It has poor language choice
Sometimes it just takes one read to see that the email is a scam. If the message is riddled with grammatical errors, spelling mistakes, or awkward expressions, you need to watch out.
What you should do:
If you receive such an email, discard it. After all, authentic messages tend to be exhaustively checked for mistakes.
But even with these prevention tips, nothing beats intelligent solutions that act quickly and relentlessly to thwart phishing scams. At Quicktech, we use unique Azure scripts for clients using Office 365 that immediately catch display name spoofing. This script guarantees that only the real sender gets through the system, and not a fraudster using a similar email address.
Discover more cybersecurity solutions for your business today. Contact us or download our free eBook.
Like this article?
Sign up below and once a month we'll send you a roundup of our most popular posts