It's a bit sad really, but phishing emails and scams are getting better (or worse): the attackers are improving the format, style and language to make them more believable. Most don’t start “greetings, I have big money deal for you, just share bank details to cash in…” any longer. Fortunately, there are still signs to look for that an email isn’t genuine.
Who the Email is Addressed To
Many phishing emails we’ve seen use a generic salutation (e.g. “Dear customer”) rather than the user’s actual name. Ask yourself: do they really know you? Do they use your name or real account numbers in the email? Do you actually have an account or association with them?
This is particularly relevant to phishing emails purporting to be from organisations that you would sign up to personally (e.g. PayPal, Amazon, WorldPay, eBay): the technology used to insert your name into the emails the genuine organisation sends is not complicated, so when your name is absent it’s a strong sign of fakery.
That’s not to say that every email you receive to “Dear customer” is a phishing attempt though! Use this alongside other ‘features’ in the email to assess its authenticity.
Check Email Address and Domain
We’ve seen hundreds of phishing emails that – at first glance – appear to be from a genuine source, but the email address they’ve been sent from has nothing to do with the company they claim to be from.
Legitimate organisations sending emails to users will almost certainly do so from their own corporate ‘domain’ (the part of the address after the @) that matches their website. For example, our email addresses end with @southwellcomputercentre.com, and our website is www.southwellcomputercentre.com.
Spammers, scammers and phishing emails will often use a generic and essentially untraceable email service such as @gmail.com, @hotmail.com or @outlook.com; this is done in an attempt to anonymise their activities. This is a BIG RED FLAG!
You can easily check by hovering your mouse over the ‘sent from’ address, and looking at the actual real address (not the human name part). Sometimes the differences are small (e.g. an additional number or letter added), so look very closely.
Also bear in mind that sometimes companies do use alternate domains for different purposes, so this isn’t a 100% accurate method of checking.
Check Spelling and Grammar
An oldie but a goodie. Most legitimate organisations will compose their emails properly, with accurate spelling, punctuation and grammar, and a general ‘tone and purpose’ (see more on this below) that tends to be consistent from email to email.
Despite technological advances and greater sophistication in phishing attacks, it’s still common to find spelling and grammatical errors: careful reading of emails often means phishing attacks with these errors can be spotted.
Check the Information or Action Being Requested
Generally, genuine organisations will not request sensitive information from users via email. If an email has a link or attachment, and instructions to provide sensitive information in order to achieve something (e.g. a tax refund) or avoid something (e.g. an online account being closed), it’s probably phishing.
Genuine organisations will also tend to communicate with users in a consistent way. If their emails don’t usually contain links, but all of a sudden one arrives that does, it’s a sign that it’s phishing or another type of email scam.
This consistency also applies to the organisation’s writing style (or ‘tone’) and the reason they email you (the ‘purpose’). Phishing emails often try to make a user action more urgent by stating that if it’s not completed within a short period of time there will be consequences.
Take care as well with emails that you don’t recognise that want you to reply. Whilst there might not be a link or attachment to be wary of, attackers sometimes send out an initial email in order to identify a smaller list (those who respond to it) to send the actual phishing email to. This plays on the ‘commitment and consistency’ principle set out previously.
Check Links
Most phishing emails attempt to get users through to a website where the sensitive information must be entered (this is part of the trickery). Whilst genuine companies generally do use links in emails, links are so common in phishing emails that it’s worth checking them closely.
You can check the URL behind a link by hovering your mouse over it. If the URL of the link doesn’t match the organisation’s legitimate website URL (e.g. www.southwellcomputercentre.com) or the domain the email came from (e.g. someone@southwellcomputercente.com), it’s a clear warning sign.
Urgent call for action - why?
One sign of phishing is repeated use of the same URL (or website address) throughout the email. Sometimes several ‘urgent actions’ are requested or offered in a phishing email, but closer inspection of the links reveals they all take you to the same place.
For example, if the email is suggesting you should log in to change your password, but also to contact the organisation, and to read their webpage explaining what’s happened, and all of these links have the same URL, that’s a sign of a phishing email.
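Added example (not part of the original article): a small Python script that applies the sender-domain, generic-greeting and link checks described above to a raw email. The message, the retailer and all domains in it are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample: claims to be from a retailer but is sent from a webmail
# address, greets generically, and reuses one URL for every "urgent action".
SAMPLE_EMAIL = """\
From: "Example Retailer Support" <retailer-support123@gmail.com>
To: you@example.net
Subject: Urgent: confirm your account within 24 hours
Content-Type: text/html

<p>Dear customer,</p>
<p>Your account will be closed unless you act now.</p>
<a href="http://example-retailer-login.net/verify">Log in to change your password</a>
<a href="http://example-retailer-login.net/verify">Contact us</a>
<a href="http://example-retailer-login.net/verify">Read what happened</a>
"""

GENERIC_GREETINGS = ("dear customer", "dear user", "dear member", "valued customer")
WEBMAIL_DOMAINS = {"gmail.com", "hotmail.com", "outlook.com"}


def sender_domain(msg):
    """Domain of the real address, not the human 'display name' part."""
    return parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()


def check_email(raw, expected_domain):
    """Return the red flags from the article that apply to a raw message."""
    msg = message_from_string(raw)
    body = msg.get_payload(decode=True).decode(errors="replace")
    urls = re.findall(r'href="([^"]+)"', body, re.I)
    hosts = {urlparse(u).hostname or "" for u in urls}
    flags = []
    if any(g in body.lower() for g in GENERIC_GREETINGS):
        flags.append("generic greeting")
    dom = sender_domain(msg)
    if dom in WEBMAIL_DOMAINS:
        flags.append(f"sender uses webmail domain {dom}")
    elif dom != expected_domain:  # a missing or extra letter lands here too
        flags.append(f"sender domain {dom} != {expected_domain}")
    for host in sorted(hosts):
        if host != expected_domain and not host.endswith("." + expected_domain):
            flags.append(f"link host {host} != {expected_domain}")
    if len(urls) > 1 and len(set(urls)) == 1:
        flags.append("every link points to the same URL")
    return flags
```

Run `check_email(SAMPLE_EMAIL, "example-retailer.com")` to see all four flags raised at once; a genuine message from the expected domain with a personal greeting returns an empty list.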
Hopefully, this will help you spot the easy ones. However, here at Southwell Computer Centre we offer a totally free validation service. Simply forward any suspect email to us at support@southwellcomputercente.com and we will quickly check it out for you.