5 Ways to Identify a Phishing Email

Updated: May 20, 2020

Phishing is one of the most longstanding and critical methods of cybercrime. But do you know how to detect a phishing email? Despite what people believe they know about phishing attacks, they consistently fall victim.

Here are some examples to demonstrate five clues to help you recognize phishing scams.


The message is sent from a public email domain

No legitimate company will contact you from an address that ends in ‘@gmail.com’. Not even Google. Except for some independent workers, every company has its own email domain and company accounts. Legitimate emails from Google will read ‘@google.com’.


If the domain name matches the apparent sender of the email, the message is most likely legitimate. The most reliable way to verify an organization’s domain name is to type the company’s name into a search engine.


The domain name is misspelled

Another clue is hidden in the domain name and provides strong evidence of a phishing scam, and it complicates our previous clue.


The problem is that anyone can buy a domain name, and although every domain name must be unique, there are lots of ways to generate addresses that are indistinguishable from the one being spoofed. So, in many ways, criminal hackers frequently still win even when you’ve prevented their first attempt.


That means it’s often not enough to just stop a phishing scheme; to keep your personal information safe you should be able to confidently detect a scam upon first seeing it.


The email is badly written

You can often determine if an email is a scam if it includes poor spelling and grammar. Many people will tell you that such mistakes are part of a ‘filtering system’ in which scammers target only the most gullible people.


If someone disregards clues about how the message is written, they’re less likely to pick up clues during the scammer’s endgame.


It includes suspicious attachments or links

Phishing emails come in many styles, but the one thing they all have in common is that they include a payload. This will either be an infected attachment that you’re asked to download or a link to a bogus website that asks for login credentials and other sensitive information.


An infected attachment is a seemingly harmless document that contains malware.


Suspicious links

You can detect a suspicious link if the target address doesn’t match the context of the rest of the email.


For example, if you get an email from Netflix, you would expect the link to point you towards an address that begins ‘netflix.com’.


Unfortunately, many legitimate and scam emails hide the destination address behind a button, so it’s not instantly obvious where the link goes. To make sure you don’t fall for schemes like this, you must train yourself to check where links go before opening them.


On a computer, hover your mouse over the link and the destination address appears in a small bar at the bottom of the browser. On a mobile device, press and hold the link and a pop-up will appear showing the link’s destination.
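The sender and link clues above (public email domain, lookalike domain, link target that does not match the claimed sender), as an added Python example that is not part of the original article: it flags a free-mail sender domain, a brand name used on a domain that is not the brand’s, a near-miss spelling of a known domain, and a link whose registrable domain differs from the one the message claims. The brand list, free-mail list, and sample message are constructed for the example.

```python
from difflib import SequenceMatcher
from email.utils import parseaddr
from urllib.parse import urlparse

# Reference data (constructed for this example; extend with your own lists).
FREE_MAIL_DOMAINS = {"gmail.com", "yahoo.com", "hotmail.com", "outlook.com"}
KNOWN_BRANDS = {"netflix": "netflix.com", "google": "google.com", "paypal": "paypal.com"}

def registrable_domain(host):
    """Keep the last two labels: 'help.netflix.com' -> 'netflix.com'.
    Assumption: no multi-part public suffixes such as .co.uk."""
    labels = host.lower().strip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()

def sender_clues(from_header):
    """Clues 1 and 2: a public mail domain, a brand name on a domain that is not
    the brand's, or a domain that is only a few characters off the real one."""
    display, addr = parseaddr(from_header)
    domain = registrable_domain(addr.rsplit("@", 1)[-1]) if "@" in addr else ""
    clues = []
    if domain in FREE_MAIL_DOMAINS:
        clues.append(f"public email domain: {domain}")
    for brand, real in KNOWN_BRANDS.items():
        if domain == real:
            continue
        if brand in (display + " " + addr).lower():
            clues.append(f"claims to be {brand} but sent from {domain or 'no domain'}")
        # Near-miss spellings such as 'netflx.com' or 'netfiix.com'
        elif SequenceMatcher(None, domain, real).ratio() >= 0.8:
            clues.append(f"lookalike of {real}: {domain}")
    return clues

def link_clues(links, expected_domain):
    """Clues 4 and 5: each (link text, href) pair should land on the expected
    domain; a brand name in a subdomain of some other domain does not count."""
    clues = []
    for text, href in links:
        target = registrable_domain(urlparse(href).hostname or "")
        if target != expected_domain:
            clues.append(f"'{text}' goes to {target or href}, not {expected_domain}")
    return clues

if __name__ == "__main__":
    # Constructed sample message, not a real phishing email
    sample_from = "Netflix Support <netflix-billing@gmail.com>"
    sample_links = [("Update your payment details", "https://netflix.com.billing-update.example/login"),
                    ("Help Centre", "https://help.netflix.com/")]
    for clue in sender_clues(sample_from) + link_clues(sample_links, "netflix.com"):
        print("WARNING:", clue)
```

The similarity threshold and the two-label domain rule are deliberately crude; a production filter would use a public-suffix list and a curated list of your own organisation’s domains.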


It is important for individuals to identify signs of phishing. Spam filters will never be fully effective, so it’s up to each of us to read the context of messages and look for anything suspicious.


It is therefore important that you educate employees to understand and interpret the way phishing works and what to do if they get a malicious email.


Source: itgovernance.co.uk