How to spot a phishing email.

Phishing schemes trick users into providing sensitive information that can be sold or used maliciously. 

According to a 2021 analysis of data breaches, attackers are becoming increasingly efficient and lean more toward attacks such as phishing and credential theft. In fact, nearly ¼ of all data breaches in 2020 involved some type of phishing. Educating your users about phishing schemes, how to spot them and what to do if they encounter a phishing attempt is a great way to protect your organization.

Many times, phishing schemes are easy to spot. Legitimate companies do not send out requests for your credentials by email. If you receive an email that leaves you wondering whether it's real, here are some steps to follow to help you decide what to do.

Are you expecting this email? 

We know that not all emails are expected. Sometimes it's great to get an unexpected note from a friend that says hi. The ones that should raise a red flag are the ones you aren't expecting that ask you to open an attachment, click on a link or share your credentials somehow. If you aren't expecting the request, it is safe to assume the request is not valid, even if it comes from someone you know. In fact, strange emails coming from someone you know could mean their account is compromised, and clicking on any of the links or opening attachments in the questionable email can compromise your account too. If you are unsure whether the email is legitimate, it's best to reach out to the sender by phone to verify it's real. A quick phone call can save you a lot of heartache if it is indeed a phishing scheme. If you or someone you know has been the victim of a data breach, reach out to your IT team for support as quickly as possible. The quicker the data breach is addressed, the smaller the impact will be.

Check the sender’s email address.

The sender's email address is one of the first places to look. Right click on the sender's name and open the contact. Check for misspellings and adjustments to the domain. For example, should the name be [email protected] instead of [email protected]? Another thing to check is the domain. That's the information after the @ symbol in the email address. If the @domain is different from the company the sender claims to represent, it's probably a phishing attempt. Be careful though. Cybercriminals sometimes take great care in making the domain look the same. As an example, @itenabled.com is not the same as @it-enabled.com or even @itenable.com. Look closely. It's best to double and triple check the sender's email address before handing over any credentials. If you are unsure about the sender, call the sender and verify, or pass the information on to your technical team.

Are there suspicious links?

Don't stop with the domain. If the email you received is actually from someone you know and they are asking you to click on a link for any reason, stop and ask questions. Just like with the domain in the sender's email address, cyber thieves try to spoof legitimate web addresses too. Right click on the link and check the web address before you follow the link. If the address does not point to the place it should, it's safe to assume it's phishing. Hackers often add the name of the organization they are spoofing to the address to trick users. Always proceed with caution when clicking on links. If you are unsure about the safety of an email you've received, it's best to pass the information on to your IT team and delete the email.

Are they asking for sensitive data?

Before providing any information, always ask yourself "Will the data I provide allow access to other information?" If you are providing your username or password, PIN or routing numbers, be very cautious about the request. The request for sensitive information could be right in the email, or it could be on the site that a link in the email takes you to. Before entering those credentials, double check the web address or call the person directly to verify the request. Compare these sites to sites you have visited before to verify that's where you should go. Are you going to microsoft.com or microsofot.com? It's sometimes hard to tell. If you are unsure about the request, contact your IT professional or the person who sent the request to verify its legitimacy.
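The three checks above (sender domain, link addresses, and lookalike sites such as microsoft.com versus microsofot.com) can be automated as a first-pass filter before a message reaches a user. The script below is an added example for this article, not a tool from IT Enabled: it parses a raw email, pulls the sender's domain and every link in the body, and flags domains that are an edit or two away from a trusted domain or that bury a trusted brand name inside a foreign host name. The trusted-domain list, the sample message and every address in it are constructed for illustration.

```python
"""Flag lookalike sender domains and links in a raw email (added example)."""
import re
from email import message_from_string, policy
from email.utils import parseaddr
from urllib.parse import urlparse

# Domains this organization actually uses; constructed for the example.
TRUSTED_DOMAINS = {"itenabled.com", "microsoft.com"}

URL_RE = re.compile(r"https?://[^\s<>\"')]+", re.IGNORECASE)

# A constructed phishing-style message; none of these addresses are real.
SAMPLE_EMAIL = """\
From: "IT Enabled Support" <support@it-enabled.com>
To: someone@itenabled.com
Subject: Action required: verify your account
Content-Type: text/plain; charset="utf-8"

Your mailbox is over quota. Sign in within 24 hours to keep access:
https://itenabled.com.account-check.example/verify
Microsoft notice: https://microsofot.com/login
Company site: https://www.itenabled.com/
"""


def levenshtein(a: str, b: str) -> int:
    """Edit distance: single-character insertions, deletions and substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def registrable_domain(host: str) -> str:
    """Last two labels of a host (crude: ignores multi-part TLDs such as co.uk)."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def classify_host(host: str, trusted=TRUSTED_DOMAINS):
    """Return (verdict, closest_trusted); verdict is trusted, lookalike or unrelated."""
    host = host.lower().rstrip(".")
    reg = registrable_domain(host)
    if reg in trusted:
        return "trusted", reg
    # Hyphens are stripped so it-enabled.com compares against itenabled.com.
    labels = [label.replace("-", "") for label in host.split(".")]
    for t in sorted(trusted):
        brand = t.split(".")[0]
        # Threshold of 2 edits catches itenable.com / microsofot.com; with very
        # short trusted names it would also catch unrelated domains, so tune it.
        if levenshtein(reg, t) <= 2 or brand in labels:
            return "lookalike", t
    return "unrelated", None


def assess_email(raw: str) -> dict:
    """Parse a raw RFC 5322 message and report sender and link verdicts."""
    msg = message_from_string(raw, policy=policy.default)
    _, addr = parseaddr(str(msg["From"]))
    sender_domain = addr.rsplit("@", 1)[-1] if "@" in addr else ""
    sender_verdict, sender_near = classify_host(sender_domain)

    findings = []
    if sender_verdict != "trusted":
        findings.append(f"sender domain {sender_domain!r} is {sender_verdict}"
                        + (f" (resembles {sender_near})" if sender_near else ""))

    body = "".join(part.get_content() for part in msg.walk()
                   if part.get_content_type() in ("text/plain", "text/html"))
    links = []
    for url in URL_RE.findall(body):
        host = urlparse(url).hostname or ""
        verdict, near = classify_host(host)
        links.append({"url": url, "host": host, "verdict": verdict, "closest": near})
        if verdict == "lookalike":
            findings.append(f"link {url} uses lookalike host {host!r} (resembles {near})")

    return {"sender_domain": sender_domain, "sender_verdict": sender_verdict,
            "links": links, "findings": findings}


if __name__ == "__main__":
    for line in assess_email(SAMPLE_EMAIL)["findings"]:
        print("FLAG:", line)
```

Run against the constructed message, the sender (it-enabled.com) and two of the three links are flagged, while the genuine www.itenabled.com link is accepted. A filter like this is a triage aid, not a verdict: a domain that passes every check can still be malicious, and the phone call to the sender that the article recommends remains the reliable confirmation.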

Check for spelling

Not everyone can win a spelling bee. We know. However, legitimate companies spell check before sending large communication pieces. Many times, in phishing attempts the spelling is dramatically off, but sometimes it's not that bad. Misspelling by itself isn't a tell-tale sign of a phishing attempt, but it does help when you are deciding whether or not this is a scam. If there are spelling errors in a communication that is requesting your credentials, it's best not to supply the requested information until you have verified the request. Give that person a call or forward the email to your IT team for help verifying the request.

Are there grammatical errors?

Another easy way to spot a phishing scheme is to check the tone and the grammar of the sender. Sometimes the cyber criminal doesn't speak the same language as the person they are trying to compromise. They will type up an email in their native language and send it through a translator application. Even if they do speak the same language, the tone of the email can be off. They may be more or less friendly than the person they are imitating. Be aware of a potential threat when the sender's tone sounds different from what you're accustomed to. All of these scenarios should raise a red flag.

What should you do if you receive a phishing email?

Before responding or clicking on any link in an email, the first step is always to pause and think. Does this request seem authentic? Does the request match the company and the sender profile? If the answer is no, the best thing to do is disregard the email or reach out to the requestor to double check.

If you experience issues from a phishing attempt, contact your IT team immediately. The faster you let someone know, the easier it will be to remediate any ill effects that come from it.

Email issues don't have to distract you from running your organization. Multifactor authentication is a great way to protect your sensitive data. Additionally, setting up cybersecurity rules for your organization ahead of time will keep you heading in the right direction.

Who is IT Enabled?

IT Enabled is a managed IT service provider. We help organizations with 5-500 employees tackle technology issues by providing comprehensive IT services, including network and tech support, such as computer, laptop and server support, cybersecurity, disaster recovery options and business phone systems. Our business is keeping you focused on your business.