How to identify phishing emails: 7 easy ways to spot a scam
Cybersecurity experts share how you can weed out bad actors.
Everyone has heard fraud horror stories: the well-intentioned grandmother who sends thousands of dollars to bail her "grandson" out of prison; the distracted tourist whose credit card is stolen from their back pocket on vacation; the Facebook user whose social media profile is hacked and begins to sell designer sunglasses. Nowadays, many of these cases take place online, often in the form of phishing emails, which is why it is important to remain vigilant when checking your inbox. Read on to learn the best advice from cybersecurity experts on identifying phishing emails and protecting yourself.
What are phishing emails?
The name reveals a lot in this case: phishing emails are used to get something from you, often at your expense, explains Calum Baird, digital forensics and incident response consultant at System.
"This might include encouraging you to disclose personal information to use for fraud, stealing money via a bank transfer or a fake purchase page, stealing login credentials for work and personal portals to commit cybercrime, or encouraging you to download malware, which can have serious consequences for you and your work, potentially leading to ransomware incidents that cost millions," explains Baird.
What is tricky about them is that they are designed to look real. "They will come from a real sender or a company or constitute a real threat, such as pretending to have infected your computer with spyware and to have embarrassing recordings," explains Baird.
And unfortunately, new technology means they are becoming more sophisticated every day.
What are the signs of a phishing email?
1. It's in your spam folder
This is the first thing that could tip you off, although the simple fact that an email is in your main inbox does not mean that it is benign.
"Legitimate emails are rarely found in spam folders," explains Motti Elloul, vice president of incident response at the cybersecurity company Point of perception.
When something lands there, it means that it failed one or more tests that check the authenticity and intent of the sender, and you should open it with caution.
2. The email address is off
Make sure you inspect email addresses carefully, especially when you are dealing with sensitive matters.
"Phishers use email addresses that contain suspicious elements to target victims, sometimes even imitating a well-known site or brand," explains Theo Zafirakos, expert in cyber risk and information security at Fortra. "Look for modified or added words or characters, as well as misspelled words in a domain name."
For example, Bankofamerica.com and Bankofamelca.com may look alike at a glance, notes Maria Chamberlain, president at Total acuity solutions. However, spoofed emails can even have the exact URL of a business and still be illegitimate.
"If you do not have a previous relationship with the company you suspect may be spoofed, copy and paste the content of the email into a search engine," recommends Chamberlain. "Current phishing attacks are generally reported and published on the internet."
If you do have a relationship, go directly to their website or app and conduct your business from there rather than by email.
3. The greeting is generic
Greetings like "Dear Customer" and "Hello Hateder" should set off alarm bells.
"Phishing emails target many people at a time and implore the recipient to take immediate action, generally without a personalized opening line," said Zafirakos.
However, this rule is not foolproof, and you must also pay attention to emails addressed to you by name. "Spear-phishing emails are more targeted, and people will often think that if it is specifically addressed to them that it must be authentic," explains Baird.
For these emails, the bad actor will research you to create a targeted phish. "For example, identifying your manager and spoofing an email from them asking you to transfer funds urgently," explains Baird.
4. It's from a company you often interact with
Many phishing emails claim to come from companies that email you frequently, such as your bank, UPS, FedEx or Amazon.
"The format of the email may not match previous emails from this company, such as having missing logos," explains Gary Huestis, licensed private investigator and owner of digital investigative firm MEDICTION OF THE CENTRAL. "Or, when you check the properties of the hyperlink, it shows a different domain."
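Signs 2 and 4 can be checked mechanically. The following added example (not from the article or the experts quoted) flags a sender domain that is a near-miss of a trusted one and a link whose visible text names a different domain than its target; the `TRUSTED` list, the edit-distance threshold of 2 and the sample message are assumptions made for illustration.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

TRUSTED = {"bankofamerica.com"}  # assumption: domains the recipient really uses
# Constructed sample message, not a real email.
SAMPLE = """From: Bank of America <alerts@bankofamelca.com>

<a href="http://login.example.net/verify">www.bankofamerica.com</a>
"""

def edit_distance(a, b):  # Levenshtein distance between two strings
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def host(value):  # hostname of a URL, or of link text that looks like one
    h = (urlparse(value if "://" in value else "//" + value).hostname or "").lower()
    return h[4:] if h.startswith("www.") else h

class Links(HTMLParser):  # collects [href, visible text] for each <a> element
    def __init__(self):
        super().__init__()
        self.found, self._open = [], False
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.found.append([dict(attrs).get("href") or "", ""])
            self._open = True
    def handle_data(self, data):
        if self._open:
            self.found[-1][1] += data
    def handle_endtag(self, tag):
        self._open = self._open and tag != "a"

def check_email(raw, trusted=TRUSTED):
    msg = message_from_string(raw)
    sender = parseaddr(msg["From"])[1].rpartition("@")[2].lower()
    findings = [f"sender domain {sender} resembles {t}" for t in sorted(trusted)
                if sender != t and edit_distance(sender, t) <= 2]  # sign 2
    parser = Links()
    parser.feed(msg.get_payload())
    for href, text in parser.found:  # sign 4: link text names a different domain
        if "." in host(text) and host(text) != host(href):
            findings.append(f"link shows {host(text)} but goes to {host(href)}")
    return findings
```

An empty result only means these two checks passed; as the article notes, a spoofed email can carry the exact domain of a business and still be illegitimate.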
5. It makes big promises
"Be skeptical: if it seems too good to be true, it probably is," explains Baird. Common messages include news of an unexpected inheritance or the offer of a gift card in exchange for completing a survey.
6. The email is seemingly urgent
"Phishing emails often urge people to act quickly, exerting time pressure on people to act or scaring them with negative consequences," said Baird. This can lead people to react without thinking things through more rationally.
7. There are spelling and grammar errors
"If they cannot spell, it smells phishy," explains Chamberlain. "Phishing emails will often contain typos and errors."
How to protect yourself from phishing emails
Do not click on unexpected links
"You can be redirected to a website or start a download that can compromise your data or infect your device," explains Zafirakos. By not clicking, you prevent this from happening.
Do not open strange attachments
The same goes for attachments like photos and PDFs. "Suspicious attachments can be carriers of malicious software and ransomware payloads that can corrupt your data and harm your device," explains Zafirakos.
Do not forget: bad actors will make these attachments attractive, and your curiosity could get the better of you if you are not careful.
Use different email addresses
Having a few email addresses in rotation that you use for different purposes could help tip you off to cybercriminals.
"For example, you can have an email address for online subscriptions, another exclusively for the bank and finances, and another for news and entertainment accounts," explains Chamberlain. "If you receive a warning to your entertainment email that your bank account has been hacked, you can be sure that this is a phishing email."
Use technology to your advantage
Many modern phishing attacks are so sophisticated that it can be difficult to identify them by yourself. "This makes it particularly important to use advanced security tools to improve your chances of avoiding threats posed by phishing attacks," said Elloul. Here are some options that Elloul suggests:
- Use email filtering tools: "Deploy email security solutions that use advanced filtering techniques to identify and block phishing emails before they reach your inbox," suggests Elloul. "These tools analyze the content of emails, headers and sender information to detect potentially malicious emails and quarantine or report them."
- Install an anti-phishing browser extension: "These extensions check the websites you visit against a database of known phishing sites and offer a warning if you try to access a potentially malicious website," explains Elloul.
- Use antivirus software: "These often come with anti-phishing features," notes Elloul. "These solutions can scan incoming emails and web pages for potential phishing attacks and block access to malicious websites."
- Activate two-factor authentication: "This adds an additional layer of security, which makes it more difficult for attackers to access your accounts, even if they get your login credentials," explains Elloul.