Would you know if you were the subject of a phishing attack? Many people claim they could tell immediately if they received an email from an illegitimate source. If that were the case, there wouldn’t be 1.5 million new phishing websites every month. A 65% increase in attacks in one year! Hackers would have moved on to their next idea for swindling people out of their identities and money. How do you spot a phishing attack and avoid falling victim yourself?
Look for these red flags:
Sender Email Address
It’s essential always to verify the legitimacy of the email address you receive. Some hackers might try to use Gmail or Hotmail accounts to trick you, while others might create a fake email domain that closely mimics the real one. For example, they might use “amazonprime.com” instead of “amazon.com.” To be safe, double-check the email address before clicking on any links or responding to the email, even if the sender’s name looks correct.
Discrepancies in Writing Format
If an attack originates from a foreign country, you may notice minor differences in writing style, such as writing the date as “4th April 2019” instead of “April 4, 2019”. Although this difference appears subtle, it should be considered a warning sign.
Grammar Issues
We all make the occasional typo, but if you receive an email with grammar and spelling mistakes from a major organization, it’s likely from a hacker.
Sender Name
Phishing emails are tricky to identify, but one thing to look out for is generic sender names. It is essential to be familiar with the people who send you emails or at least know their role within the organization to avoid falling prey to such scams.
Link Destination
Before you click on any link in an email, it is crucial to hover over it first. This will show the destination URL, which you should check for legitimacy before clicking. Look out for the domain name of the URL and ensure that it is legitimate, just like you would with the sender’s email address.
Attachments
Is it realistic to expect an attachment from this sender? Rule of thumb: do not open an attachment you don’t expect to receive, whether a zip file, PDF, or otherwise. The payload for a ransomware attack often hides inside.
Email Design
An unexpected font like Comic Sans should immediately raise red flags, especially if you don’t recognize the sender.
Links to Verify Information
Refraining from clicking on any links to verify information is advisable. If you believe your information needs updating, visit the website directly and make changes there.
Odd Logo Use
Hackers try to mimic a website’s look and feel. Frequently, they get very close, but they will be flawed. If something looks or feels off, it probably is.
While there is no foolproof method for avoiding a phishing attack, knowing how to spot likely culprits is a step in the right direction. In our next blog, we’ll cover other protective measures to reduce your risk of falling victim to phishing attacks.