Email remains king of business communications, and there’s no doubting the importance of keeping business inboxes and confidential information protected. While firewalls and email protection tools are quite useful as a strong line of defense against a wide range of malicious threats and cyber-attacks, only proper user awareness counts when it comes to the indirect, virus-free email scams that trick users into unknowingly giving up information to an outsider, such as user names and passwords, how things are done in a company, who’s responsible for what, who has a key to what… etc.
For this reason, today’s blog aims at giving you five symptoms of a malicious email activity to check out for every time a new email lands into your inbox.
Five ways you can spot stealthy email phishing activities
Impersonal Email greeting
The email you’ve received contains generic greetings and lacks contact information for the sender.
Spelling & Grammar Mistakes
The email has clear spelling or grammatical errors. This is a stand out in phishing emails. Legitimate companies usually proof read extensively before sending.
Asking For Personal Information
These emails usually provide you with a link to ‘log in’, or request passwords, credit card information or ‘verifications’ on purchases.
Very Urgent Or Unexpected
A common tactic in these emails is to provoke urgency & cause panic so you’ll click on, or download their content. They achieve this by presenting a large bill, fine, or telling you an account has been compromised. Tip: if you don’t deal with the company normally, it’s definitely fake!
Email Addresses & Links In Disguise
If you click on the sender’s email address, and what you see isn’t lining up with who they claim to be, something is wrong. You can also hover over any links, which will show you if they’re really taking you to that ‘website’ or somewhere else…
Now have a look at some photos that visually illustrate the signs we've just mentioned.
Example 1
Example 2
Example 3
Example 4
Example 5
Of course, there are hundreds of other ways that cyber criminals use in order to trick users into giving up personal information or installing malware. That's why it's advisable for businesses and organizations of every vertical to
promote user awareness across their organization and empower their employees to spot phishing scams no matter how complicated or innocent-looking.
You’ve received an email that looks suspicious, what do you do now?
1. Do not click on any links or attachments.
2. Call the company the email ‘claims’ to be & ask if they did in fact send you the email.
4. If you would like to implement an industry-specific user awareness training solution for your employees, then
PhishMe is your best bet. Cofense PhishMe is designed to change risky behavior and enable employees to recognize and report phishing emails. The Cofense methodology deliver hands-on experience with safe examples and on-the-spot education opportunities. The Cofense research teams use real phishing emails to create timely examples and content focused on today's greatest threats. If you have any questions about PhishMe,
contact our support team and let us clarify things for you.