6 Ways to Identify a Phishing EmailIn our last post, we discussed the latest growing trend in cybercrime, fake ransomware. One thing we did not touch on is how ransomware both real and fake infects your computer and devices.
The most common way ransomware invades your computer Is through emails. Ransomware often makes its way onto a device through links and attachments. When a person unknowingly clicks on a link or attachment containing the attack, it is downloaded and installed without their knowledge.
These harmful emails known as phishing emails all have one common goal: to trick people into opening them to make a profit from. They hope people will either provide personal information in order to commit identity theft or encrypt their files with ransomware so they will pay for a decryption key.
The first step in protecting yourself from ransomware is knowing how to avoid it. In one of our previous blogs, we go over the 7 types of phishing emails. Today we would like to enable you with some tips in detecting a phishing email.
1. Use a FilterThere are several technologies that have been created to prevent email forgery. No harm will be done if a malicious message never reaches the end-user. Therefore, it is important you invest in solutions like Xeams that use technologies like SPF, DKIM, and DMARC to detect forgeries and reduce phishing attacks.
2. Check for SpoofingA common tactic among cybercriminals is to spoof the display name of an email. Attackers are able to bypass spam filters set up by email clients by posing as a legitimate email address. For example: let's say you recently subscribed to the "New York Times" and they were sending you weekly emails. Spoofing enables attackers to pose as an editor from the NYT and send you an email from the address editor@NYT.com. Once delivered, the email appears legitimate to you because most user inboxes and mobile phones will only present the display name. Always check the email address in the FROM header and if it looks suspicious, flag the email.
3. Check URLsIf you receive an email you suspect contains suspicious links or attachments, hover your mouse over the link or attachment and you will see the full URL appear. If the URL does not include the organization's exact name, or if it looks suspicious in any other way, delete the email, chances are it is malicious. Additionally, it is important to note you should only click on links with websites starting with 'https'. The 's' indicates this website has taken good security measures.
4. Look for Errors in the Email BodyIf the body or the message is full of grammatical, spelling and punctuation errors it will most likely be from a phisher. Emails coming from legitimate companies will be clear of any typos or errors that can be harmful to their reputation. Check messages carefully for any potential mistakes.
5. Are there Requests of Personal InformationDoes the email ask for any type of personal information such as full name, address, birthdate, or SSN? If so, the email is definitely from a scammer hoping you can provide them with information that will enable them to commit identity theft. Most reputable companies never ask for any personal information via email.
6. Check the FooterIf the email is signed off with just a same or a simple “Have a Nice Day” it could be a malicious email. Whether you are receiving a newsletter, a shipping confirmation, or any other type of email from an organization or person, they will always leave contact information in the footer of the email. It might be an address, a support phone number or email address but legitimate emails will always have a signature at the end of an email.
Whenever opening an email, it is very important you review the tips we have provided and trust your instincts. As technology advances, cybercriminals come up with sneakier and more covert ways of attacking your digital infrastructure and unfortunately, email is the most common method.
Here at Synametrics Technologies, we like to stay one step ahead of these criminals by providing you with products to protect your digital assets.
With Xeams, an email client with a powerful built-in spam and junk message tilting system, you too can stay one step ahead of cybercriminals. Xeams learns from rules and filters set by the admin which messages you consider are junk.
For more information about Xeams visit xeams.com
Or contact our support team via:
Phone: 609-750-0007 option 2