Phishing emails are becoming increasingly sophisticated, with around 3.4 billion messages being sent out every day. In the past, spam filters could be counted on to identify most phishing emails. This is no longer the case, with many messages finding their way into the main inboxes of recipients. If you can’t rely on anti-phishing software, you must take other steps to mitigate the issue.
For businesses, this largely involves training staff on the importance of being vigilant against the latest cybersecurity threats. However, staying wise to the latest phishing tactics requires constant education and adaptation. Below, we explore some of the telltale signs of a phishing email.
1. Spelling and Grammar Errors
Spellcheckers are now a standard feature of most web browsers and email clients. Furthermore, most businesses insist on using them to ensure that internal and external communications remain as professional as possible. Even if an email appears to have been sent from a familiar contact, approach with caution if it’s laden with spelling and grammar mistakes.
2. Suspicious Salutations
Most internal communications or emails sent from familiar contacts will start informally. If a message begins with a more formal salutation, it may be an indicator you’re dealing with a phishing email. Generally speaking, if the message sounds off and the language is out of character, don’t reply and report it to your internal security team.
3. Unusual Attachments
Nowadays, most organizations have embraced file-sharing platforms for exchanging documents or working on collaborative projects. Although email attachments are still used legitimately on occasion, always be wary of them. File extensions can help you make a more informed decision before opening. EXE, ZIP, and DOC files are just a few of the formats regularly used by scammers to launch malware attacks.
4. Don’t Be Rushed Into Replying
Many phishing emails promote a sense of urgency to encourage the recipient to act before they have a chance to consider the credibility of the message. Scammers will attempt to confuse readers by threatening repercussions for not acting quickly. In an attempt to avoid these consequences, many readers rush to act by clicking on phishing links or providing personal information.
5. Look Out for Inconsistencies
Even the most sophisticated phishing emails tend to include inconsistencies. A telltale sign of a fraudulent email is an unfamiliar or inconsistent email address. If you’ve recently received an email from a seemingly familiar sender but something in the message seems off, double-check the email address against previous correspondence.
Links contained within the body of an email should also be scrutinized to rule out fraudulent activity. Even if the sender address looks legitimate and there’s no clear indication you’re dealing with a phishing email, it’s never advisable to click directly on a link. Instead, hover your cursor over the link itself to see what URL is displayed. If the displayed website address looks suspicious, there’s a strong chance you’re dealing with a phishing email.
6. Requests for Sensitive Information
Never trust an email that asks for sensitive information like logins, payment credentials, or personal data. There’s almost no scenario where a credible party will ask for such information. In fact, many organizations will specify in a legitimate email that they’ll never ask for such information. If an email asks for this information, take a step back and run through all the steps outlined above to determine whether you’re the target of phishing activity.
Protect Your Interests with Phishing Prevention Best Practices
With fraudulent emails on the rise, mitigating the risk of phishing attacks has never been more important. If your organization relies on remote workers, it’s even more vital that you instill anti-phishing best practices in your teams to ensure your intellectual property and corporate data are protected.
Greg Tuohy is the Managing Director of Docutec, a business printer and office automation software provider. Greg was appointed Managing Director in June 2011 and is the driving force behind the team at the Cantec Group. Immediately after completing a Science degree at UCC in 1995, Greg joined the family copier/printer business. Docutec also make printers for family homes too such as multifunction printers.