In this blog, we will be covering what a phishing email is, what to look out for, and give some examples of phishing emails. By the end of it you should be well prepared to spot a phishing email and protect yourself and your business.
What is a Phishing Email?
A phishing email is an email sent with malicious intentions. These intentions include infecting your PC or extracting sensitive information out of you such as passwords.
They are sent to literally everyone. It involves a scammer contacting you pretending to be a legitimate business or person. The email will contain a link or attachment and will ask you to open it or click on the link.
If you open the attachment malicious content will infect your PC. If you have click on the link you can either infect your PC or will be sent to a webpage that imitates a legitimate website. It may ask you to log in using your credentials or even put your bank details in.
Top Tip!
Never use the same password for multiple accounts. If you do use the same password, you are at risk. If a cyber criminal compromise one of your accounts and uncovers your password, they will try this password out on all other accounts you have, in hopes of gaining access.
Therefore, it’s wise to use different passwords. If you can’t remember them all I highly recommend using Last Pass, a free password management app that every business needs
How to spot a phishing email
- The URL isn’t consistent.
Before you click on that link in an email, hover over it. If the link doesn’t seem trustworthy, ignore it. For example, if the link says to go to an amazon log in page, but when you hover over it, it says “www.amazontsp.co/ntghlloo0873849/44444/233490/amzonssstp/”, it’s most likely a phishing email.
Notice how this fake URL doesn’t use Amazon’s official domain but tries to copy it to look authentic.
- Poor grammar or spelling
Emails from legitimate companies are checked before they are sent out for grammar and spelling errors. A Phishing email may have been sent out by a one-man band and have poor grammar. This could also be because the cyber criminal’s native language isn’t English.
- Manipulative language
Cyber criminals often use urgency, fear, desire, intimidation, lust, or curiosity in their dialogue.
If someone is offering you something that’s too good to be true, it often is. If someone from your company you’ve never met is being slightly aggressive in asking you to make an urgent payment, it could be a phishing email.
- The email is asking for personal details.
It may ask you to click the link and enter your password, bank details or even security questions on the page it opens. If it seems like something a legitimate business wouldn’t ask you to do, it probably isn’t as legitimate as it may seem.
- Generic greetings
Cyber Criminals probably don’t have a list of the names of their targets, so may not use your name in the email. It may just say “Dear Customer” or “Greetings Member”.
Phishing emails are evolving and becoming more elaborate and detailed. Always be on guard with emails that are sent from someone you don’t know. Never open an attachment or click a link in an email from a source you do not trust.
Feel free to speak to our cyber security experts, call us on 01273 806211 for more information.