Attacker Advice: How do I spot a Phishing Email? - Complete IT

Complete I.T. Blog

Attacker Advice: How do I spot a Phishing Email?

by | May 24, 2019 | Archived Articles

new blog post template (48)

A Phishing attack is a type of Social Engineering, which has the aim to trick an individual into clicking on links and sharing sensitive information through email. Cyber criminals have become extremely sophisticated and they can often believably take on the appearance of companies and people you know. For example, they may take on the image of your Manager who is emailing you to pay an invoice. With the tone of voice spot on and nature of the email being a common task for you, staff members can fall victim to this type of attack as they have no doubt that they are not in fact speaking with their boss.

It’s important that all employees within a business are conscious of fake emails appearing in their inboxes due to this rapid rise in phishing and believable nature in which these emails are sent.

5-top-tips

  1. Request of sensitive data
    • Legit companies will never request sensitive data via email. Therefore, if PayPal emails you to confirm your account number and sort code because they need to verify you are you, do not oblige.
  2. Check the “from” Address
    • Often, the email address can be a huge give away that you are not speaking to who you appear to be. A scam email will usually have a bizarre email address so be sure to double check this!
  3. Spelling mistakes and attachments
    • A simple trick is to look out for any spelling mistakes. Additionally, if attachments look off, this is another red flag and you should take care when opening or clicking on any attachments. Always consult another member of your team or your IT department if you are not sure.
  4. Don’t be fooled by the appearance of the URL
    • At first glace a link can appear legitimate but if you hover over the address you will see that in fact the address is not.
      email-phishing
  5. Be mindful that (believable) Impersonation takes place
    • In the past hackers didn’t address you by your first name and that was often a good give away that they were not the person/company they were trying to be. Unfortunately, they are becoming smarter and tend to do their research. Even stalking social media to find out your friends, interests and the way you speak. This makes it 100 times harder to realise that you are not speaking to Emma, your boss and instead speaking with Jeff the cyber criminal.

We hope that training staff to look out for the above will help prevent the attack of a phishing scam.

Find out more about our Cyber Security Solutions or contact us today.