Phishing emails drive me up the wall. Sometimes they are easy to spot, like “HEY! YOU WERE PARKING IN A TOWN YOU DON’T LIVE IN, SO WE’RE SENDING YOU TO PRISON IF YOU DON’T PAY US!!!” Sometimes, however, they are much more clever. They can feature creative artwork, compelling logos, and convincing text within the body of the email itself.
1) Check the email address – While this is usually particular to knowing the person emailing you, it can still be telling if you look at the email address and suspect you’re being phished. The example I like to give is that if you’re expecting an email from Adam Smith and the email address is asmith@coporation.com, but what you get is an email from Adam Smith, but the email is 12346@gmail.com, it’s not legitimate. While I understand that some emails for stores can be slightly more complex than the average email, they will typically be something along the lines of “DoNotReply@corporation.com.” Any email that claims to come from a corporation but uses a non-descript personal email address is likely fraudulent.
2) Backstop the URL – There have been countless times when I have been sent promotion emails from companies, talking about their newest 25% off sale, or whatever. Don’t get me wrong, I love sales, particularly when it’s a company that I like, but I rarely trust emails saying “Just click this link and you’ll get some percentage off of your purchases.” Particularly if it says “Limited time only, so TAKE ADVANTAGE NOW!!!!” What I tend to do when a product is being promoted through email (and I really want it) is I will go to the website for that company, but I will do it without clicking a link in the email sent to me. The reason I do this is that if the company in question is promoting a sale through email, you can bet they are also promoting it on their website. I have received several emails stating that a sale is available, but when I check the site, I find that no sale is currently active.
3) Look at the message you’re getting – All phishing emails are trying to get you to take action without thinking about the action you’re taking. This can come in two forms: enticement or threats. In the enticement category, you will see offers such as discount sales or “one-time only” opportunities. They will be phrased in such a way that if you “DON’T ACT NOW,” you will lose out on an amazing opportunity. The more incidious option are the threats. Phishers will pose as Government Authority figures, bill collectors or anyone else who could threaten your livelihood and say, “IF YOU DON’T ACT NOW WE WILL TAKE [ACTION] AGAINST YOU!!!!” Some of these can be really scary if you aren’t aware that they are scammers trying to steal your information, but pose no threat at all if you don’t give in.
4) Trust your gut – If something feels wrong, nine times out of ten, it probably is. It may take a little bit of practice to see it. Still, if you apply the last three points when you’re looking at an email, you should be able to see the fakes from the legit emails fairly easily. Granted, there will always be some legitimate emails that appear to be phishing emails. It is better to err on the side of caution and not pay attention to those emails than to engage them and risk exposure. If you are truly concerned about an email, you can always delete it or block it from your inbox.
At the end of the day, it is really up to you to mount your own defence from Phishing attacks. While anti-virus programs and defence systems are good, there is nothing that will defeat a system better than a user who isn’t paying any attention to what’s in thier inbox. That is what the Phishers are hoping for; that you, as a user, will only pay enough attention to the emails that they are launching against you, so that you take action without actually realizing what you’ve done, until it’s too late. The best defence you have is your knowledge of the dangers that are out there, what to look for and how to overcome them.
Do you see the Phishing emails in your inbox?
Let me know in the comments section below. If you like this blog post and want to see more, you can follow me on Social Media (LinkedIn, Instagram, and Facebook @jasonlovefiles) or Subscribe to my blog to get new content delivered directly to your mailbox.