Hopefully, your employees will be aware of and be on the lookout for phishing emails, one of the most common types of cyber attacks. However, as organizations and their employees become more security savvy, hackers are adapting their strategies to create more convincing scams.
Phishing attacks are becoming increasingly hard to spot, often taking advantage of current or trending issues and concerns such as the COVID-19 pandemic, and they have risen sharply over the past few years. Cyber security firm F5 Labs reported that phishing attempts increased by 220% in 2020.
So, why are phishing emails so common? Well, they’re an easy win for cyber criminals – they take very little effort to create and enough people still fall for them. The idea of a phishing attack is simple. A hacker will send out an email disguised as a genuine message from an organization to thousands of random email addresses, in the hope that a few people will open the malicious link it contains or follow the email’s requests (such as entering login details). These emails can be very convincing at first glance, but there are usually some simple ways to spot if it’s a scam. Here are our telltale signs of a phishing attack.
1. You have no account with that company
If you get a message like, “Please update your PayPal or GT or Cal or Fidelity account!” but you don’t even have an account with the company, that’s a pretty big red flag.
While you might pause to think, “What if someone opened an account in my name?” you still don’t want to open this email. Go directly to the company in question and request help!
2. The email account isn’t connected to the company
What if you do have a PayPal account, but it isn’t connected to the email account where you received the message? If you’ve never told the company about your other email account, it shouldn’t send emails to that account.
Don’t let curiosity get the better of you. As soon as you doubt an email, it is better to delete it, or at least not click any link embedded in it, than to ignore your doubts. It might cost you a fortune!
3. The return email address isn’t normal
This is one of the easiest ones to overlook, but one of the most surefire ways to spot a bogus email.
If you get an email from a known company, the email should come directly from that company. If it’s a bill from Netflix, it should come from something like firstname.lastname@example.org. If there are extra letters or numbers in the return email address, it is not legit.
Even if there is a minor error like email@example.com or firstname.lastname@example.org or email@example.com, it’s a trick.
4. The email asks you to confirm personal information
You’ve probably heard this before, but let me reiterate — reputable companies will never request personal information like your Social Security number, account numbers or account PINs via email.
Even if everything else in the email looks legit, this is a giant red flag. Never click a link from an email you weren’t expecting and provide personal information. Ever!
5. The email is poorly written
Typos happen. That’s not exactly what we’re talking about here. We’re talking about consistently missed words or poorly phrased sentences, which are clear signs a non-native English speaker wrote the email.
Reputable companies, especially well-known ones, don’t let that happen. They have editors and proofreaders who verify that their emails look professional before they’re sent out.
6. There is a suspicious attachment
Attachments are pretty common, so we don’t worry about them too much, but we should.
If you see an email with an unexpected attachment, be suspicious. Most reputable companies will ask you to download assets from their website and will not send you an attachment.
7. The message is super urgent
A favorite tactic of phishing scams is to put the pressure on right away. The email may claim you have missed a payment, owe the government money or have been recorded through your laptop’s camera.
These tactics are intended to make you panic and rush to respond to the situation, which means you’ll click on their links to get to the bottom of it. Boom. You’re a phish on the hook!
Don’t respond to high-pressure emails unless you know the reason it appeared. Even if you’re late on your credit card payment and receive a nastygram from your credit card company, don’t use a link from that email to pay or put in information. Go directly to the website.
8. The email doesn’t use your name in the greeting
Does this look familiar? “Dear valued customer” or “Greetings, friend.” Yeah, this is a dead giveaway that an email isn’t from a source you know or work with regularly.
Any company you have an account with should know your name and use it in emails. That’s standard stuff. If you’re not greeted by name, the sender doesn’t know you, and you probably don’t know them (and don’t want to).
9. The whole email is a hyperlink
If your cursor turns into the pointing hand no matter where it is on the email, the entire email is one giant hyperlink. Why? If the whole email is a hyperlink, any random mouse click delivers the sender’s virus or malware.
It’s very important to note that checking for yourself is a necessary habit: it can save you the time and cost that may result from not paying attention to the contents of emails.
You can always call the support line or contact the customer service team of the institution that appears to have sent the doubtful email.
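Several of the signs above (3, 4, 6, 7, 8 and 9) can also be checked automatically by a mail filter or a reporting tool. The following Python code is an added example, not part of the original article, that parses a raw message and returns the numbers of the signs it trips. The function name `phishing_signs`, the keyword lists, and the sample message with its `example.com` and `examp1e.test` domains are assumptions constructed for illustration.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr

# Illustrative keyword lists (assumptions, not taken from the article).
URGENT = re.compile(r"\b(urgent|immediately|suspended|final notice)\b", re.I)
PERSONAL = re.compile(r"\b(social security|account number|pin|password)\b", re.I)
GENERIC = re.compile(r"\b(dear (valued )?customer|greetings,? friend)\b", re.I)

def phishing_signs(raw, expected_domain):
    """Return the numbers of the article's signs that a raw message trips."""
    msg = message_from_string(raw, policy=policy.default)
    # Sender domain taken from the From header, ignoring the display name.
    domain = parseaddr(str(msg.get("From", "")))[1].rpartition("@")[2].lower()
    body = msg.get_body(preferencelist=("html", "plain"))
    html = body.get_content() if body else ""
    text = re.sub(r"<[^>]+>", " ", html)                 # visible text only
    # The body with every <a>...</a> element removed (used for sign 9).
    no_links = re.sub(r"<a\b.*?</a>", "", html, flags=re.S | re.I)
    hits = {
        3: domain != expected_domain and not domain.endswith("." + expected_domain),
        4: bool(PERSONAL.search(text)),
        6: any(part.is_attachment() for part in msg.walk()),
        7: bool(URGENT.search(text + " " + str(msg.get("Subject", "")))),
        8: bool(GENERIC.search(text)),
        9: no_links != html and not re.sub(r"<[^>]+>", "", no_links).strip(),
    }
    return sorted(sign for sign, hit in hits.items() if hit)

# Constructed sample message; every domain and address here is made up.
SAMPLE = """\
From: Example Billing <billing@examp1e.test>
Subject: URGENT: missed payment
Content-Type: multipart/mixed; boundary="b"

--b
Content-Type: text/html; charset="utf-8"

<a href="http://examp1e.test/verify"><p>Dear valued customer,</p>
<p>Confirm your account number and PIN today.</p></a>
--b
Content-Type: application/zip
Content-Disposition: attachment; filename="invoice.zip"

UEsDBA==
--b--
"""

if __name__ == "__main__":
    print(phishing_signs(SAMPLE, "example.com"))
```

Signs 1, 2 and 5 depend on what the recipient knows about their own accounts and on language quality, so they are left to the reader.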