How do I identify a phishing email?
What is a phishing email?
Essentially, a phishing email is a malicious email intended to gain personal information about you that the sender can use. Phishers tend to look for usernames, passwords, credit card details and other sensitive information. The better ones pose as an existing company: the email may look like it is from your bank, from Amazon or maybe even Microsoft.
There are a few types of phishing emails:
Spear Phishing is a highly targeted form of phishing that homes in on a specific organisation.
Whaling is targeted at high-level executives.
Cloning is when a legitimate email is duplicated but the content is replaced with malicious links or attachments.
What are the common signs of a phishing email?
If you think you have a phishing email swimming around in your inbox – think ANGLER.
This should help you remember the 6 identifying factors of a phishing email and how to avoid being dragged under.
A - Attachment
Also think about the type of attachment you are receiving. Would you usually receive this type of document? Are you in HR but receiving invoices? Are you in the finance team but receiving a CV? Surprisingly, PDFs can hide all sorts of viruses and malware. It can be difficult to decide from the attachment alone whether this is a phishing email, but with the rest of the telltale signs you can usually figure it out.
N - Name
The next thing to look out for is how they address you in the email. “Dear Customer” or “Hello Shopper” are often used. The emails will rarely be personalised and will feel like spam from the outset.
G - Grammar
These hackers might think they are very clever, but another telltale sign of a phishing email is that the grammar and spelling will be poor because they think this will make the email look more authentic. Sometimes the emails will be written by people who have studied internal documents and communication flows and will attempt to closely emulate the education level of the person they wish the email to appear to be from, including the types of mistakes that person would make.
L - Links
Phishing emails will come complete with a link for you to click.
If you hover your mouse over the link, it will show you the actual destination that it will be going to. As you can see in the email below, that link is not going to a page on the Microsoft website, so you know it's malicious.
As always, if you are unsure of anything – don’t click the links!
E - Email
Does the email address look accurate? Phishers will usually create a fake but recognisable email address that, at a quick glance, will look correct.
It might be something as simple as changing email@example.com to firstname.lastname@example.org. You can barely tell the difference.
Some aren’t so clever: email@example.com
If you feel unsure about an email, check the email address.
R - Reason
When you receive the email, the ‘reason’ they are emailing will likely make you want to act with haste. “Your account is about to be closed” – you panic and react quickly. This is the trickiest one: we can’t teach you to not react instinctively. All we can do is ask you to have this in the back of your mind when you receive an unusual email.
Also ask yourself if the reason makes sense – have you just renewed your Microsoft Office but the email says it’s about to run out?
We put the new lad to the test
We gave the email below to our new IT support technician, Corey, to sneakily test him.
He emailed back with a list of reasons why I should have known it was a phishing email... and that is what I based this blog on.
Below is a screenshot of that email. Take a look, do you think you would have spotted those telltale signs?
If you are unsure of anything at all – don’t click links, open attachments or even reply. Send the email in question to firstname.lastname@example.org and ask us to take a look for you. We can advise if this is a phishing email and then the steps you need to take next.