Phishing is a prevalent threat, often resulting in significant financial and personal losses. Understanding the common signs of a phishing email significantly strengthens our defences against it.
Contents
- 1 What is Phishing?
- 2 Sign #1: Suspicious Sender Address
- 3 Sign #2: Urgent or Threatening Language
- 4 Sign #3: Spelling and Grammar Mistakes
- 5 Sign #4: Unfamiliar Greetings or Sign-offs
- 6 Sign #5: Suspicious Links and Attachments
- 7 Sign #6: Requests for Personal Information
- 8 Sign #7: Too Good to Be True Offers
- 9 Sign #8: Altered Visual Design
- 10 Sign #9: Mismatched URLs
- 11 In Summary
What is Phishing?
Phishing involves deceptive emails that appear to come from reputable sources with the intent to steal sensitive data such as credit card numbers and login information. Its goals include identity theft, financial gain, and unauthorized access to systems.
Sign #1: Suspicious Sender Address
Check the sender’s address closely. Legitimate companies send from their own domain, while phishers register similar-looking domains to deceive you, and the display name shown next to the address can be set to anything the sender likes.
What to Look For
- Check the Domain Name: Legitimate organizations usually send email from a domain that matches their company name. For example, email from “examplebank.com” would come from an address ending in “@examplebank.com.” Phishers use misleading domains such as “examplebank-support.com” or “support-example.com” that resemble the real one but are fraudulent. Read the domain from the right: the last two labels are what was actually registered, so an address ending in “examplebank.com.verify-login.net” belongs to “verify-login.net,” not to the bank.
- Inconsistent Subdomains: Phishing emails may use subdomains that are inconsistent with the organization’s usual practice. An address on a subdomain the organization routinely uses (for instance, the notification subdomain you have seen in earlier mail from them) may be legitimate, while one on a subdomain it has never used before is suspicious.
- Look for Subtle Misprints: Phishing emails often include slight misspellings in the email address or domain name, such as “examp1ebank.com” or “examplebnk.com.” These changes can be easy to miss at a quick glance.
- Hover Over Email Addresses: The display name is chosen freely by the sender, so before clicking anything hover over or expand the sender’s name to reveal the actual email address. A display name that does not match the address, or a display name that is itself a different email address, is a red flag. Check the Reply-To header as well: if a reply would go to a different domain than the one the email claims to come from, treat it as phishing.
- Verify with the Company Directly: If you’re unsure about the email’s authenticity, contact the company directly using contact information from their official website rather than any contact information provided in the suspicious email.
- Beware of Public Email Domains: Be cautious if the email comes from, or asks you to reply to, a public email domain such as “@gmail.com” or “@yahoo.com,” as legitimate companies almost always use their corporate domain. Your mail client’s authentication results (SPF, DKIM and DMARC) are a further check: a message that fails DMARC for the domain in the From header should not be trusted, although a pass only proves the sending domain is genuine, not that the sender is honest.
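The checks in this list can be automated over the raw message headers. The following Python script is an added example for this article, not code from RevNet or the original page. It assumes a hypothetical allow-list of the organization’s real sending domains (reusing the page’s examplebank.com) and a short freemail list, and it runs over two constructed sample messages. It flags lookalike domains by homoglyph folding and edit distance, a display name that claims a brand the address does not belong to, a Reply-To that points at another domain, and SPF, DKIM or DMARC results other than pass:

```python
"""Sender-header triage for the Sign #1 red flags: lookalike domain,
display name vs. address, Reply-To elsewhere, freemail sender and failed
authentication. Added example; not code from the original article."""
import email
import re
from email.utils import parseaddr

# Assumptions for this example: the domains the organisation really sends
# from, and the freemail providers to flag. Adjust for your environment.
KNOWN_DOMAINS = {"examplebank.com"}
BRANDS = {d.split(".")[0] for d in KNOWN_DOMAINS}          # {"examplebank"}
FREEMAIL = {"gmail.com", "yahoo.com", "outlook.com", "hotmail.com"}


def normalize(domain):
    """Fold the usual homoglyph tricks (examp1ebank, exarnplebank) back to letters."""
    d = domain.lower().replace("rn", "m").replace("vv", "w")
    return d.translate(str.maketrans("01357", "olest"))


def levenshtein(a, b):
    """Edit distance, used to catch typo-squats such as examplebnk.com."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_domain(domain):
    """Label a sender domain: known, freemail, one of three lookalike kinds, or unknown."""
    if domain in KNOWN_DOMAINS:
        return "known"
    if domain in FREEMAIL:
        return "freemail"
    if normalize(domain) in {normalize(k) for k in KNOWN_DOMAINS}:
        return "lookalike-homoglyph"
    if any(b in domain for b in BRANDS):      # examplebank-support.com, examplebank.com.evil.net
        return "lookalike-embedded-brand"
    if min(levenshtein(domain, k) for k in KNOWN_DOMAINS) <= 2:
        return "lookalike-typo"
    return "unknown"


def domain_of(addr):
    return addr.rpartition("@")[2].lower()


def analyze_sender(raw_message):
    """Return a list of finding codes for the From, Reply-To and auth headers."""
    msg = email.message_from_string(raw_message)
    findings = []
    name, addr = parseaddr(msg.get("From", ""))
    from_domain = domain_of(addr)
    kind = classify_domain(from_domain)
    if kind != "known":
        findings.append(f"from-domain:{kind}")
    squashed = re.sub(r"[^a-z0-9@.]", "", name.lower())
    if "@" in name and squashed != addr.lower():
        findings.append("display-name-is-other-address")   # "support@examplebank.com" <x@evil.example>
    if kind != "known" and any(b in squashed for b in BRANDS):
        findings.append("display-name-claims-known-brand")
    _, reply = parseaddr(msg.get("Reply-To", ""))
    if reply and domain_of(reply) != from_domain:
        findings.append(f"reply-to-differs:{classify_domain(domain_of(reply))}")
    # Only trust the Authentication-Results line added by *your own* receiving
    # server; a sender can insert a forged one further down the header stack.
    auth = msg.get("Authentication-Results", "")
    for mech, result in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", auth, re.I):
        if result.lower() != "pass":
            findings.append(f"auth:{mech.lower()}={result.lower()}")
    return findings


# Constructed sample messages for the example; not real mail.
PHISH = """\
From: "Example Bank Support" <alerts@examp1ebank.com>
Reply-To: examplebank.helpdesk@gmail.com
To: customer@example.org
Subject: Urgent: verify your account within 24 hours
Authentication-Results: mx.example.org; spf=fail smtp.mailfrom=examp1ebank.com; dkim=none; dmarc=fail header.from=examp1ebank.com

Dear Customer, your account has been suspended ...
"""

LEGIT = """\
From: "Example Bank" <alerts@examplebank.com>
To: customer@example.org
Subject: Your monthly statement is ready
Authentication-Results: mx.example.org; spf=pass smtp.mailfrom=examplebank.com; dkim=pass header.d=examplebank.com; dmarc=pass header.from=examplebank.com

Your statement is available in online banking.
"""

if __name__ == "__main__":
    for label, raw in (("phish", PHISH), ("legit", LEGIT)):
        print(label, analyze_sender(raw))
```

Two limits are worth knowing. Substring and edit-distance checks miss lookalikes that keep only a fragment of the brand, such as the page’s “support-example.com,” which needs a wordlist of brand terms instead. And the Authentication-Results header is only meaningful when it was written by your own mail server; the sender controls every header below that point.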
Sign #2: Urgent or Threatening Language
Phishing emails typically create a sense of urgency, prompting you to act quickly. Watch for texts urging immediate action to avoid consequences.
What to Look For
- Immediate Action Required: Phishing emails often claim that immediate action is needed to prevent a negative outcome, such as account closure, loss of service, or legal actions. This is designed to provoke a quick response before the recipient can consider the request’s legitimacy.
- Threats of Consequences: These emails may include threats of financial penalties, legal repercussions, or other severe outcomes if the recipient does not comply with the instructions provided in the message.
- Timing Elements: Phishing attempts may also emphasize that certain benefits or opportunities will be missed if not acted upon quickly, such as claiming that a limited-time offer is about to expire.
- Creating Panic: By conveying messages like “Your account has been compromised” or “Urgent action required to avoid suspension,” the sender aims to create panic, pushing the recipient to act hastily.
Sign #3: Spelling and Grammar Mistakes
Professional organizations proofread their mail, so poor grammar and spelling errors are red flags. The reverse does not hold: a flawless email is not evidence of legitimacy, because attackers can copy a genuine template word for word or generate polished text.
What to Look For
- Unusual Word Choices and Phrasing: Phishers often use translation tools, resulting in awkward phrasing or unusual word choices that a native speaker wouldn’t use. Look out for sentences that seem off or constructs that are not commonly used in professional communication.
- Consistency in Mistakes: Phishing emails may consistently misspell common words, misuse them, or display poor sentence structure throughout the message. Sometimes this is deliberate, for example spelling a keyword oddly so that a filter matching common phishing phrases does not catch it.
- Out of Context Language: Sometimes, phishing emails include correct grammar and spelling but use terminology or phrases that do not fit the context of the supposed sender or the industry they represent. This dissonance can be a subtle hint of a non-legitimate source.
- Detailed Scrutiny: If you suspect an email might be a phishing attempt, read it carefully. Look for any signs of haste in composition, such as missing punctuations, capitalization errors, or jumbled thoughts, which could indicate a scam attempt.
Sign #4: Unfamiliar Greetings or Sign-offs
Generic greetings like “Dear Customer” or unfamiliar sign-offs can also indicate phishing attempts, especially if the organization typically uses personalized communication.
What to Look For
- Unusual or Generic Greetings: Legitimate organizations usually address you by name. Be cautious of generic greetings like “Dear Customer” or “Hello Friend,” which can be signs of phishing.
- Incorrect Titles or Names: If an email addresses you with an incorrect title or a misspelled name, it could be a red flag. Phishers often use inaccurate information that a legitimate sender would not.
- Overly Formal or Informal Language: Emails from professional organizations maintain a consistent tone. Be wary of greetings or sign-offs that are either overly formal or unusually casual, as they might not match the communication style of the organization.
- Inconsistent Sign-offs: Legitimate emails from the same sender or organization will typically use consistent sign-offs. If you notice variations in how emails are signed off, especially within a short period, it could indicate phishing.
- Odd Phrasing or Terminology: Phishing emails might include awkward phrasing or terminology that feels out of place. For example, sign-offs like “Sincerely yours in service” or “With eternal gratitude” can be unconventional for most professional correspondence.
- Missing Contact Information: Legitimate emails often include contact information, such as phone numbers or office addresses, in their sign-offs. Its absence is suspicious, especially if the email requests sensitive information. Contact details that are present prove nothing on their own, however: scammers include phone numbers and addresses that are invalid or that lead straight back to them, so verify them against the organization’s official website rather than the email.
Sign #5: Suspicious Links and Attachments
Be cautious with emails containing links or attachments, especially if they come unsolicited. They could lead to malicious websites or contain malware.
What to Look For
- Unfamiliar Links: Hover over any links in the email to see the actual URL before clicking. If the link doesn’t match the text or leads to an unfamiliar site, it could be malicious.
- Unexpected Attachments: Be wary of unsolicited attachments, especially if you weren’t expecting any. Phishers often use attachments to deliver malware.
- Mismatch Between Sender and Content: Verify that the email content matches what you expect from the sender. If a trusted contact sends an email with unusual attachments or links, double-check with them through a different communication channel.
- Strange File Types: Phishing emails may carry file types commonly used to deliver malware, such as .exe, .scr, .js, .vbs, .hta and .lnk files, macro-enabled Office files (.docm, .xlsm) and HTML files, often wrapped in a .zip, .iso or other archive so that mail filters and download warnings never see the inner file. Watch for double extensions such as “invoice.pdf.exe”: Windows hides known extensions by default, so the file is displayed as “invoice.pdf.”
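To show what these attachment checks look like in practice, the following Python script is an added example and not code from the original page. It builds a constructed multipart message with four attachments, decodes each part, and flags risky extensions, double extensions, archives, and payloads whose leading magic bytes contradict the claimed file type. The extension and magic-byte lists are assumptions for the example and should be extended for your environment:

```python
"""Attachment triage for the Sign #5 red flags: risky extensions, double
extensions, archives, and content that does not match the claimed type.
Added example; not code from the original article."""
import email
from email import policy
from email.message import EmailMessage

# Assumptions for this example: extensions treated as risky, archive
# containers, document extensions that attackers hide behind, and a few
# magic-byte signatures. All of these are deliberately short lists.
RISKY_EXT = {"exe", "scr", "com", "pif", "js", "jse", "vbs", "wsf", "hta", "bat",
             "cmd", "ps1", "lnk", "iso", "img", "docm", "xlsm", "html", "htm", "jar"}
ARCHIVE_EXT = {"zip", "rar", "7z", "iso", "img"}
DOCUMENT_EXT = {"pdf", "doc", "docx", "xls", "xlsx", "txt", "jpg", "png"}
MAGIC = [(b"MZ", "exe"), (b"PK\x03\x04", "zip"), (b"%PDF", "pdf"), (b"\xd0\xcf\x11\xe0", "ole")]
EXPECTED_KIND = {"exe": "exe", "scr": "exe", "zip": "zip", "docx": "zip", "xlsx": "zip",
                 "pdf": "pdf", "doc": "ole", "xls": "ole"}


def sniff(payload):
    """Identify the payload by its leading bytes, ignoring the filename entirely."""
    for magic, kind in MAGIC:
        if payload.startswith(magic):
            return kind
    return None


def triage_attachment(filename, payload):
    """Return finding codes for one attachment."""
    findings = []
    parts = filename.lower().split(".")
    ext = parts[-1] if len(parts) > 1 else ""
    if ext in RISKY_EXT:
        findings.append(f"risky-extension:{ext}")
    if len(parts) > 2 and parts[-2] in DOCUMENT_EXT:
        findings.append("double-extension")          # invoice.pdf.exe is shown as invoice.pdf on Windows
    detected = sniff(payload)
    if detected and ext in EXPECTED_KIND and EXPECTED_KIND[ext] != detected:
        findings.append(f"content-mismatch:{ext}-is-{detected}")
    if ext in ARCHIVE_EXT:
        findings.append("archive:inspect-contents")  # the dangerous file is usually inside
    return findings


def triage_message(raw_message):
    """Map each attachment filename in a raw MIME message to its findings."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    report = {}
    for part in msg.walk():
        filename = part.get_filename()
        if not filename:
            continue                                  # body text or the multipart container
        payload = part.get_payload(decode=True) or b""
        report[filename] = triage_attachment(filename, payload)
    return report


def build_sample():
    """Constructed multipart message with four attachments; not a real email."""
    msg = EmailMessage()
    msg["From"] = "billing@examplebank-support.com"
    msg["To"] = "customer@example.org"
    msg["Subject"] = "Invoice attached"
    msg.set_content("Please review the attached invoice and statement.")
    pe_header = b"MZ\x90\x00\x03\x00\x00\x00" + b"\x00" * 24     # looks like a Windows executable
    msg.add_attachment(pe_header, maintype="application", subtype="octet-stream",
                       filename="invoice.pdf.exe")
    msg.add_attachment(pe_header, maintype="application", subtype="pdf",
                       filename="statement.pdf")                   # claims PDF, is an executable
    msg.add_attachment(b"PK\x03\x04" + b"\x00" * 26, maintype="application", subtype="zip",
                       filename="docs.zip")
    msg.add_attachment(b"%PDF-1.7\n%\xe2\xe3\xcf\xd3\n", maintype="application", subtype="pdf",
                       filename="terms.pdf")                       # genuine-looking PDF header
    return msg.as_string()


if __name__ == "__main__":
    for name, findings in triage_message(build_sample()).items():
        print(f"{name:20} {findings}")
```

The magic-byte check is the part a filename-only rule cannot do: “statement.pdf” passes every extension test and is still an executable. In a real gateway the archive branch would open the container and run the same triage on each inner file.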
Sign #6: Requests for Personal Information
Legitimate entities do not ask you to send passwords, card numbers or similar secrets in an email reply, and any such request is almost always a phishing attempt. Be equally suspicious of a link to a “verification” form: the request is the same, only moved onto a web page.
What to Look For
- Unsolicited Requests: Be wary of emails that ask for personal information without prior communication. Legitimate organizations typically don’t request sensitive details through unsolicited emails.
- Unfamiliar Sender: Verify the sender’s email address and contact information. If the sender is unfamiliar or the email address seems suspicious, do not provide any personal information.
- Request for Sensitive Data: Legitimate entities typically have secure methods for collecting sensitive information. Be suspicious of emails asking for data like passwords, social security numbers, or bank details.
Sign #7: Too Good to Be True Offers
Offers that seem too lucrative or come with unbelievable promises are typical baits used in phishing emails.
What to Look For
- Unrealistic Promises: Be skeptical of offers that seem too good to be true, such as winning a large sum of money, a free vacation, or an expensive gadget without any effort or reason.
- Urgency and Pressure: Phishing emails often create a sense of urgency to encourage immediate action. Phrases like “Act now!” or “Limited time offer!” are red flags that should make you pause and evaluate the legitimacy of the offer.
- Lack of Details: Legitimate offers usually provide comprehensive information about the promotion, including terms and conditions. If the email lacks detail or seems vague about your eligibility for the offer, it’s likely a phishing attempt.
- Suspicious Links: Hover over any links in the email to see where they lead before clicking. If the link points to an unfamiliar or suspicious website, avoid clicking on it and do not provide any personal information.
Sign #8: Altered Visual Design
Any changes in the visual design of emails from regular correspondences, such as logos and fonts, should be scrutinized.
What to Look For
- Inconsistent Logos: Compare the logo in the email to previous legitimate emails. Phishers may use modified or low-quality versions of logos that appear slightly different from the official ones.
- Unusual Fonts: Pay attention to the fonts used in the email. Phishing emails often use different fonts or font sizes that don’t match the typical branding of the legitimate organization.
- Poor Design Quality: Look for signs of poor design quality, such as misaligned text, low-resolution images, and broken formatting. These can be indicators that the email is not from a reputable source.
- HTML Table Logos: Some phishing emails use HTML tables to create spoofed logos. These logos can appear authentic but are often used to bypass brand impersonation protections.
- Image-Based Content: Be cautious if the entire email content is an image (e.g., a PNG or JPG file). This technique can be used to avoid text-based phishing detection systems.
- Visual Elements and Branding: Scrutinize the overall visual elements and branding used in the email. Phishing emails might have subtle differences in colour schemes, layouts, or other visual elements that don’t perfectly align with the legitimate organization’s usual style.
Sign #9: Mismatched URLs
Without clicking on hyperlinks, use your cursor to hover over them and see if the address matches what is displayed or expected. Phishers may use misleading hyperlinks that direct to harmful sites.
What to Look For
- Hover and Inspect: Hover your cursor over the link to reveal the actual URL. Check if the displayed URL matches the link text and corresponds to the organization’s legitimate site.
- Check for Misspellings: Look for slight misspellings or variations in the URL. Phishers often create URLs that look similar to legitimate ones but contain subtle misspellings (e.g., “example.com” vs. “examp1e.com”).
- Mismatch Between Domain and Content: Ensure the domain name in the URL is consistent with the content or the sender of the email. A mismatch can indicate a phishing attempt (e.g., an email from your bank but the URL points to a different domain).
- Use of URL Shorteners: Be cautious of shortened URLs (e.g., bit.ly, TinyURL). While legitimate businesses sometimes use them, phishers also use these to obscure the final destination of the link. Use a URL expander tool to reveal the full link before clicking.
- Irrelevant or Nonsensical URLs: If the URL doesn’t make sense or seems irrelevant to the context of the email, it’s likely a phishing attempt. Phishing links often lead to sites unrelated to the supposed sender’s legitimate website.
- HTTPS and Padlock Icon: The padlock only means the connection to the site is encrypted; it says nothing about who runs the site, and most phishing pages today are served over HTTPS with a valid certificate. Treat a missing padlock as a red flag, but never treat its presence as proof of safety.
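The link checks under Sign #5, Sign #7 and this section can be applied to an HTML body mechanically. The following Python script is an added example, not code from the original page: it extracts the anchors from a constructed HTML body, then compares the domain named in the anchor text with the real host from the href, and flags user-info tricks (a URL such as https://examplebank.com@evil.example/ actually goes to evil.example), raw IP hosts, punycode labels, shorteners, plain HTTP, and lookalike or brand-embedded hosts. The known-domain and shortener lists are assumptions for the example:

```python
"""Link audit for the Sign #5 and Sign #9 red flags: anchor text vs. href,
lookalike and brand-embedded hosts, user-info tricks, raw IP hosts,
shorteners and plain HTTP. Added example; not code from the original article."""
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumptions for this example: the organisation's real domains and a short
# list of URL shorteners to flag.
KNOWN_DOMAINS = {"examplebank.com"}
BRANDS = {d.split(".")[0] for d in KNOWN_DOMAINS}
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co", "goo.gl", "ow.ly", "is.gd"}
IPV4 = re.compile(r"^\d{1,3}(?:\.\d{1,3}){3}$")
DOMAIN_IN_TEXT = re.compile(r"(?:https?://)?([a-z0-9][a-z0-9.-]*\.[a-z]{2,})")


class LinkExtractor(HTMLParser):
    """Collect (anchor text, href) pairs from an HTML body."""

    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href", ""), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((" ".join("".join(self._text).split()), self._href))
            self._href = None


def is_known(host):
    """True for a known domain or any subdomain of one (secure.examplebank.com)."""
    return any(host == k or host.endswith("." + k) for k in KNOWN_DOMAINS)


def normalize(host):
    """Fold digit-for-letter homoglyphs: examp1ebank -> examplebank."""
    return host.lower().replace("rn", "m").translate(str.maketrans("01357", "olest"))


def check_link(text, href):
    """Return finding codes for one anchor."""
    findings = []
    parts = urlsplit(href.strip())
    host = (parts.hostname or "").lower()        # hostname already drops user-info and port
    if parts.scheme == "http":
        findings.append("plain-http")
    if parts.username:
        findings.append("userinfo-in-url")       # https://examplebank.com@evil.example/ goes to evil.example
    if IPV4.match(host):
        findings.append("ip-address-host")
    if any(label.startswith("xn--") for label in host.split(".")):
        findings.append("punycode-host")         # host.encode("ascii").decode("idna") shows the Unicode form
    m = DOMAIN_IN_TEXT.search(text.lower())
    if m and m.group(1) != host and not host.endswith("." + m.group(1)):
        findings.append("text-href-mismatch")    # the visible URL is not where the click goes
    if host in SHORTENERS:
        findings.append("url-shortener")
    if host and not is_known(host):
        if is_known(normalize(host)):
            findings.append("lookalike-homoglyph")
        elif any(b in host for b in BRANDS):
            findings.append("lookalike-embedded-brand")   # examplebank.com.verify-login.example
    return findings


def audit_links(html_body):
    """Return (text, href, findings) for every anchor in the body."""
    parser = LinkExtractor()
    parser.feed(html_body)
    parser.close()
    return [(text, href, check_link(text, href)) for text, href in parser.links]


# Constructed HTML body for the example; not a real phishing email.
SAMPLE_HTML = """
<p>Dear Customer,</p>
<p>Unusual activity was detected. Sign in at
<a href="https://examp1ebank.com/login">https://examplebank.com/login</a> to review it.</p>
<p>Or <a href="https://examplebank.com@203.0.113.5/verify">verify your account</a> now.</p>
<p>Customers who act today can <a href="http://bit.ly/reward">claim a reward</a>.</p>
<p>Your real alerts are at <a href="https://secure.examplebank.com/alerts">secure.examplebank.com</a>.</p>
"""

if __name__ == "__main__":
    for text, href, findings in audit_links(SAMPLE_HTML):
        print(f"{text!r:40} {href:50} {findings}")
```

The user-info case deserves emphasis because hovering does not help much: the status bar shows a URL that starts with the bank’s name, and only the part after the “@” is the host the browser connects to. Shortened links are reported but not expanded here; resolving them means a network request, which is exactly what you want a preview tool or sandbox to make on your behalf.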
In Summary
Recognizing these signs can dramatically reduce the risk of falling victim to phishing. Stay vigilant and maintain informed email practices to protect your personal information.
At RevNet, we recommend having internal procedures in place so that employees do not fall for phishing scams. For example, if an employee receives an email that appears to come from their manager requesting a payment, the employee should confirm with the manager directly, by phone or in person, using contact details they already have rather than anything in the email. Having a real person confirm the request and its details through a separate channel before acting on it is a best practice, and it is the control that holds up against this kind of business email compromise no matter how convincing the message looks.
If you need expert assistance in securing your business, cybersecurity training, or other area of your IT environment, connect with us today.