RJ2 Perspective
Written by: Jeff Dann, President of RJ2 Technologies
How to Identify Dangerous Phishing Emails
Introduction
Phishing is a common scam that involves attempting to trick you into giving away personal, financial, or other sensitive information. It’s done by sending an email or posting a link online to make it look like it’s coming from someone you know or trust, like your bank, an online payment site or even friends and family members. Phishing emails can look legitimate, but there are some telltale signs to look for.
What is Phishing
Phishing is a scam where criminals send emails that look like they are from legitimate companies, banks and other institutions, but actually contain
links to malicious websites. Phishing emails contain links or attachments that lead to malicious websites or install malicious software. Many phishing emails are designed to trick you into providing your personal information (like usernames and passwords) to gain access to your personal data.
To protect yourself from being tricked by phishing scams, you should never click on any links within an email unless you’re certain it’s safe.
Phishing emails can look legitimate, and there are some telltale signs to look for:
- Check the email address it’s sent from
- Look for suspicious links or attachments
- Look out for poor grammar
- The email asks for personal information
- Demands urgent deadlines or threats
Look at the email address it’s sent from.
The first thing you want to do is look at the domain name. If it’s from a legitimate company, it will be from their official email address. For example, if you were shopping for shoes at Zappos and received an email about your order status in your inbox, that would be sent from “@zappos.com” or “@zappos-support.com.”
If you receive an email that looks like it came from these domains but with some sort of grammatical error (for example “your@emailaddress@zappos-support”), then this could actually be an indicator that something fishy is going on with the message and it should not be trusted! Many times, these messages will have small grammatical errors that mirror those of a legitimate company, but they have switched two letters around or misspelled one letter/word (for example “Micorsoft” instead of “Microsoft”).
If looking at the domain name does not seem right to you, then check out other clues such as where the message was sent from (the sender’s address), who sent it out (the From field) and if there was any attachment included with the message itself – all three-offer valuable insight into whether or not this is truly coming from your bank or airline (or whoever else).
Suspicious links or attachments
Phishers often try to make their emails look like official communications from banks, insurance companies, or other institutions. They may also use names of well-known companies or organizations as part of their scheme. The goal is to entice victims into taking action, and they’re very good at it! You should be wary of any email that asks you to click on a link or open an attachment; these are common ways phishers trick you into downloading malware onto your computer. If you receive an email with a suspicious link or attachment, don’t click on it! Delete the message immediately instead. If you clicked on a link or opened an attachment in the suspicious email, your computer may be infected with malware. If this is the case, we recommend that you scan your system with antivirus software. If you have any questions about phishing emails or suspicious links, please feel free to contact us.
Look for poor grammar.
If you receive an email with poor grammar, it may be a phishing email. Phishing emails are often riddled with spelling or grammatical errors and often appear to originate from non-English speaking countries. If you receive an email that looks like it was written in another language, do not open it. Instead, forward the message to your IT department for analysis.
The email asks for personal information.
If you receive an email asking for your login credentials or payment information, delete it immediately. Never click on links in emails and always check the URL to make sure it’s legitimate before entering any information.
Watch for urgent deadlines or threats.
When you receive a message that’s urgent, it’s natural to want to respond quickly. But remember this is a phishing email and the sender is trying to trick you into clicking on the link or attachment. Phishers use fear, threats, and urgency to get your attention and prompt you into responding quickly.
You may also be asked for personal information such as your credit card numbers or social security number in order to verify that the request is legitimate. These requests are often made under pressure from time constraints (like an alleged problem with your account) or threats (such as having money taken out of your account or suspended).
Reduce the Risk of Falling Victim to Phishing Emails
Phishing is a constant threat and the best way to prevent it is through employee training. Hold regular staff awareness modules and ensure that all employees are aware of the dangers of phishing emails.
For a more comprehensive approach to preventing phishing, partner with an MSP (managed service provider) who has email protection on all your endpoints. This will help you reduce risk and protect against threats like social engineering attacks, which use email as a conduit for distributing malware or enabling remote access.
Conclusion
In conclusion, there are many ways to identify phishing emails. The best way to avoid falling victim to a scam is by educating yourself about how these attacks work and taking the time to look at each email before responding or clicking on links. For more information on protecting you and your company from phishing attacks, contact us here.