Identifying a Phishing Email
Phishing emails are a common method used by cybercriminals to trick individuals into providing sensitive information such as passwords, credit card numbers, and other personal details. This page will help you identify phishing emails with some key indicators.
Check the Sender’s Email Address
Suspicious Domain: Phishing emails often come from addresses that look similar to legitimate ones but have small differences (e.g., info@paypai.com instead of info@paypal.com).
Mismatch: If the sender’s address doesn’t match the domain of the company they claim to represent, it’s a red flag.
Look for Generic Greetings
Phishing emails often use generic greetings such as “Dear Customer” or “Dear User” instead of your actual name.
Analyse the Content
Urgent Language: Phishing emails frequently create a sense of urgency or fear, such as threatening to close your account or demanding immediate action.
Suspicious Links: Hover over any links in the email without clicking them. If the URL looks strange or doesn’t match the supposed sender’s website, it could be a phishing attempt.
Attachments: Be cautious of unexpected attachments, especially if they are executable files (.exe), Word documents (.docx), or PDFs from unknown sources.
Check for Spelling and Grammar Errors
Errors: Many phishing emails contain spelling and grammar mistakes. Professional companies typically have high standards for communication and are unlikely to send emails with such errors.
Verify the Email’s Authenticity
Direct Contact: If you are unsure about an email, contact the company directly using a known and trusted method (e.g., calling their official customer service number) instead of using any contact information provided in the email.
Examine the Signature
Lack of Information: Legitimate emails often include detailed contact information, including the sender’s name, position, company address, and phone number. A lack of these details can be a sign of phishing.
Beware of Spoofed Websites
Fake Websites: Phishing emails often direct you to fake websites designed to look like legitimate ones. Always check the URL in the address bar to ensure it’s correct.
Example of a Phishing Email
Here’s a breakdown of a typical phishing email to illustrate these points:
From: info@paypai.com (Notice the misspelled “paypal”)
Subject: Immediate Action Required: Account Verification Needed
Body:
- Greeting: “Dear Customer,”
- Content: “We have noticed suspicious activity on your account. Please click the link below to verify your information immediately, or your account will be suspended.”
- Link: [Hover over the link and it shows www.paypai-verify.com instead of www.paypal.com]
- Signature: “Best regards, PayPal Team” (No contact information provided)
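The same checks can be automated for mail triage. The sketch below is an added example, not part of the original page: it applies the sender-domain, link, greeting and urgency indicators to a constructed copy of the email above. The BRANDS table, the phrase lists, the edit-distance threshold of 2 and the single-part plain-text message format are all assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

BRANDS = {"paypal": "paypal.com"}  # assumption: brand name -> its real domain
PHRASES = {"generic greeting": ("dear customer", "dear user"),
           "urgent language": ("immediate", "suspended", "action required")}

def edit_distance(a, b):
    """Levenshtein distance, to catch one-character swaps like paypai/paypal."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[-1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def belongs_to(host, domain):  # the domain itself or any subdomain of it
    return host == domain or host.endswith("." + domain)

def indicators(raw):
    """Return the indicators from this page found in a plain-text email."""
    msg = message_from_string(raw)
    text = (msg.get("Subject", "") + "\n" + msg.get_payload()).lower()
    sender = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    found = []
    # Only check brands the message claims to speak for.
    for domain in (d for b, d in BRANDS.items() if b in text):
        if not belongs_to(sender, domain):
            kind = "lookalike" if edit_distance(sender, domain) <= 2 else "mismatched"
            found.append(f"{kind} sender domain: {sender}")
        for url in re.findall(r"https?://[^\s>\"']+", text):
            host = urlparse(url).hostname or ""
            if not belongs_to(host, domain):
                found.append(f"link leaves {domain}: {host}")
    found += [label for label, words in PHRASES.items() if any(w in text for w in words)]
    return found

# Constructed sample, modelled on the example email above.
SAMPLE = """From: PayPal Team <info@paypai.com>
Subject: Immediate Action Required: Account Verification Needed

Dear Customer,
Please verify your information immediately, or your account will be suspended.
http://www.paypai-verify.com/
Best regards, PayPal Team
"""
```

Calling indicators(SAMPLE) returns all four findings. Treat the result as a prompt for the manual verification steps above, not as a verdict, since legitimate mail can also trip the greeting and urgency checks.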
Protect Yourself
Educate Yourself
Stay informed with Aursec’s cyber awareness workshops.
Enable Two-Factor Authentication
Add an extra layer of security to your accounts.
Use Security Software
Install and update anti-virus software.