Table of Contents
Phishing scams are on the rise. It’s thought that around 90% of all data branches are a direct result of phishing. Email-based phishing is a particular problem. In 2022, it’s estimated that around 3.4 billion phishing emails will be sent daily. With businesses losing around $1.7 million to cybercrime every minute, it’s never been more important to assess your anti-phishing strategy.
Many of us would like to think we can easily spot a scam email, but the truth is that phishing emails are becoming increasingly sophisticated. In many cases, phishing emails go undetected by spam filters and land directly in the main inbox of a recipient. You can continue to invest in advanced spam filters, but the only effective way of avoiding falling foul of a scam is to know what to look for. Read on for some essential pointers on how to instantly spot a phishing email.
1. Spelling and Grammar Errors
Spelling mistakes are a red flag that an email you’re reading isn’t from a legitimate source. Most organizations use spell-checking tools as a standard before firing out communications, so there’s no excuse for poor spelling and grammar. Even minor dialect deviations can be a sign of a phishing email. To help you stay vigilant, make sure your default email language settings correspond with your actual location.
2. Does Something Sound Off?
Many email-based phishing attacks use your existing contact list against you. If you’re reading an email from a colleague or acquaintance, the first line of the message is a solid guideline on whether it’s credible or not. If the greeting seems off, take a step back and consider whether you’re dealing with a phishing email.
3. Emails with a Sense of Urgency
Phishing emails tend to include a sense of urgency to encourage the recipient to act. An email may threaten legal action or financial penalties if you don’t respond to it immediately. While this urgency can be alarming, it’s a weapon to make you lose your cool and act without thinking. If an email is pushing you to make a decision urgently, take a breath and inspect the message for further telltale signs you’re dealing with a phishing attack.
4. Approach Attachments with Caution
Email attachments should also be viewed with suspicion, even if you’re confident that you’re dealing with a legitimate email. Many companies rely on cloud services and file-sharing tools to distribute documents, so email attachments are fairly unusual. The type of file attached will give you a clearer idea of whether you’re the victim of a phishing scam. Malware is commonly hidden in ZIP and EXE files, while DOC files account for around 35% of all email-based phishing attacks.
5. Identify Malicious Links
Phishing emails are becoming harder to distinguish from the real thing. It’s all too easy for a malicious website to be concealed behind a link that looks genuine. Even if the link looks legit in the body of an email, the actual URL may be a different matter entirely. Before clicking on a link, drag your cursor over it to see what URL appears.
6. Does That Email Address Look Right?
This is a simple and effective way to keep on top of email security. Even if you’ve received an email from a familiar sender, double-check the credentials against previous contact information. Is the email domain correct? If not, approach the message itself with suspicion.
7. Never Hand Over Sensitive Information
You should never respond with sensitive information over email. Any message requesting things like payment information or username and password credentials is almost certainly a scam. At most, you should only be providing your full name and a reference name in response.
8. Email Subject Lines Say a Lot
The subject line of an email can be used as a barometer to identify phishers. Subject lines can of course be used as a marketing ploy, but there’s a difference between a retailer angling for a sale and a scammer teasing you with rewards that are too good to be true.
Take a Stance Against Phishing
Sadly, phishing emails are an inescapable reality of modern life. For the individual, they can result in significant disruption and financial losses. For businesses, there’s also the risk of losing intellectual property and suffering from irreparable damage to reputation. However, by following the best practice guidelines outlined above, you can strengthen your phishing prevention strategy considerably.
Greg Tuohy is the Managing Director of Docutec, a high volume printer and office automation software provider. Greg was appointed Managing Director in June 2011 and is the driving force behind the team at the Cantec Group. Immediately after completing a Science degree at UCC in 1995, Greg joined the family copier/printer business. Docutec also make printers for family homes too such as multifunction printers.
Hello, My name is Shari & I am a writer for the ‘Outlook AppIns’ blog. I’m a CSIT graduate & I’ve been working in the IT industry for 3 years.