April 14, 2020 4:43 pm
Hackers have become increasingly sophisticated over time in how they approach you to obtain your vital information. Phishing emails have been able to dupe people into thinking that they are from genuine sources and have gained access to personal or account information to be used for illegal means. Once they have this information, they can create new user credentials or install malware onto your systems to steal other sensitive information.
Phishing emails no longer have ridiculous content that is obvious, it is increasingly difficult to distinguish against a fake email and a genuine one so Mode has devised 7 tips for you to identify phishing emails.
- Genuine companies never ask for sensitive information
If you are asked in an email to provide sensitive information that also has a link or attachment, then it’s likely to be a scam. Companies should never ask you for passwords or credit card information.
- Your name is usually used by legitimate companies
If you receive a genuine email from a company that you usually deal with then they will have your correct name. Some hackers tend to avoid any type of salutation altogether and the emails can almost look perfect and genuine. This is when you must be careful the most of clicking on links attached to this type of email.
- Genuine companies have genuine domain emails
The email address attached to the email might be a genuine domain, however you need to properly check the email address to check where the email has truly come from.
Click on the sender’s email and you will then see the true source of the email. If it is a genuine company, you will see the source of the email matches the Company sending the email. For example, emails from PayPal will have PayPal@mail.paypal.co.uk as their genuine email address. However, if it is a hacker trying to pose as PayPal, the email address behind may have a slight difference in variation, like PayPal123@mail.paypal.co.uk or a spelling mistake. Make sure you check for all these variations. If in any doubt, contact the Company the email is from for verification.
- Check for spelling mistakes
This is the easiest thing to look for. Genuine companies knows how to spell! The email should be well written. However, a little-known fact is that a hacker has a purpose behind bad spelling. They target people who may be less observant and may not always check information well enough.
- Companies will not force you to their website if they are genuine
Phishing emails are coded as a hyperlink, therefore clicking accidentally on the email will open on a fake web page and could download spam on to your computer.
- Unsolicited attachments
Authentic companies don’t tend to send you emails with attachments but would instead send you to their website to download information. However, as mentioned previously, this isn’t always fool proof so you will need to look out for high risk attachments such as files that include .exe. .sct. and .zip. If you are in any doubt contact the company directly.
- Legitimate URL’s are used by legitimate companies
A link may say that it’s going to send you to one place but that doesn’t always mean it will! Make sure you check the URL’s. Check the link in the text. If it isn’t identical to the URL displayed as the cursor hovers over the link, then it isn’t correct then you shouldn’t open it! Add extra security by hovering your mouse over embedded links (without clicking) and make sure the link starts with https://
If you need help in ensuring the security of your teams’ emails, then contact Mode IT and let us help you keep your systems secure.
Categorised in: Uncategorised
This post was written by Anwen Haynes1