Identifying a Phishing Email

Phishing emails are a common method used by cybercriminals to trick individuals into providing sensitive information such as passwords, credit card numbers, and other personal details. This page will help you identify phishing emails with some key indicators.

Check the Sender’s Email Address

Suspicious Domain: Phishing emails often come from addresses that look similar to legitimate ones but have small differences (e.g., info@paypai.com instead of info@paypal.com).

Mismatch: If the sender’s address doesn’t match the domain of the company they claim to represent, it’s a red flag.

Analyse the Content

Urgent Language: Phishing emails frequently create a sense of urgency or fear, such as threatening to close your account or demanding immediate action.

Suspicious Links: Hover over any links in the email without clicking them. If the URL looks strange or doesn’t match the supposed sender’s website, it could be a phishing attempt.

Attachments: Be cautious of unexpected attachments, especially if they are executable files (.exe), Word documents (.docx), or PDFs from unknown sources.

Verify the Email’s Authenticity

Direct Contact: If you are unsure about an email, contact the company directly using a known and trusted method (e.g., calling their official customer service number) instead of using any contact information provided in the email.

Examine the Signature

Lack of Information: Legitimate emails often include detailed contact information, including the sender’s name, position, company address, and phone number. A lack of these details can be a sign of phishing.

Example of a Phishing Email

Here’s a breakdown of a typical phishing email to illustrate these points:

From: info@paypai.com (Notice the misspelled “paypal”)

Subject: Immediate Action Required: Account Verification Needed

Body:

  • Greeting: “Dear Customer,”
  • Content: “We have noticed suspicious activity on your account. Please click the link below to verify your information immediately, or your account will be suspended.”
  • Link: [Hover over the link and it shows www.paypai-verify.com instead of www.paypal.com]
  • Signature: “Best regards, PayPal Team” (No contact information provided)
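
The sender-address and link checks described above can also be applied automatically. The Python example below is added here and is not part of the original page; it flags domains that sit within one character of a trusted domain's name. The trusted-domain list, the one-character threshold, the function names and the URL path in the sample message are assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

TRUSTED_DOMAINS = {"paypal.com"}  # assumption: domains the real sender uses

def edit_distance(a, b):
    """Levenshtein distance, used to spot one-character swaps (paypai/paypal)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def imitates(domain):
    """Return the trusted domain an untrusted `domain` resembles, else None."""
    domain = domain.lower().rstrip(".")
    if any(domain == t or domain.endswith("." + t) for t in TRUSTED_DOMAINS):
        return None  # the genuine domain or one of its subdomains
    for trusted in TRUSTED_DOMAINS:
        brand = trusted.split(".")[0]
        # Compare every dot- or hyphen-separated piece with the brand name.
        if any(edit_distance(tok, brand) <= 1 for tok in re.split(r"[.-]", domain)):
            return trusted
    return None

def check_email(raw):
    """Return findings for the sender address and each link in a raw message."""
    msg = message_from_string(raw)
    findings = []
    sender_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    if target := imitates(sender_domain):
        findings.append(f"sender domain {sender_domain} resembles {target}")
    for url in re.findall(r"https?://[^\s<>]+", msg.get_payload()):
        host = urlparse(url).hostname or ""
        if target := imitates(host):
            findings.append(f"link host {host} resembles {target}")
    return findings

# Constructed sample based on the example email above (URL path is made up).
SAMPLE = """From: PayPal Team <info@paypai.com>
Subject: Immediate Action Required: Account Verification Needed

Please click the link below to verify your information immediately.
http://www.paypai-verify.com/login
"""
```

Calling check_email(SAMPLE) returns one finding for the sender and one for the link. A match means "look closer", and a clean result does not prove an email is legitimate.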