Identifying Phishing Emails

Top 10 Tips to Help You Identify Phishing Emails

Everyone is subject to getting spam and phishing emails from time to time and no email security solution can prevent 100% of the malicious emails that are sent.

Therefore, a critical piece of your email security strategy must be education. Below are the top ten tips that will help you identify these emails if, and when you receive them.

Don't trust the display name

A favorite phishing tactic among cybercriminals is to spoof the display name of an email.

Look, but don't click

Cybercriminals love to embed malicious links in legitimate-sounding copy. Hover your mouse over any links you find embedded in the body of your email. If the link address looks weird, don’t click on it.

Check for spelling mistakes

Brands are pretty serious about email. Legitimate messages usually do not have major spelling mistakes or poor grammar. Read your emails carefully and report anything that seems suspicious.

Analyze the salutations

Is the email addressed to a vague “Valued Customer?” If so, watch out—legitimate businesses will often use a personal salutation with your first and last name.

Don't give up personal or company confidential information

Most companies will never ask for personal credentials via email–especially banks. Likewise, most companies will have policies in place preventing external communications of business IP. Stop yourself before revealing any confidential information over email.

Beware of urgent or threatening language in the subject line

Invoking a sense of urgency or fear is a common phishing tactic. Beware of subject lines that claim your “account has been suspended” or ask you to action an “urgent payment request.”

Review the signature

Lack of details about the signer or how you can contact a company strongly suggests a phish. Legitimate businesses always provide contact details. Check for them!

Don’t click on attachments from unknown sources

Including malicious attachments that contain viruses and malware is a common phishing tactic. Malware can damage files on your computer, steal your passwords or spy on you without your knowledge. Don’t open any email attachments you weren’t expecting.

Don’t trust the header from email address

Fraudsters not only spoof brands in the display name, but also spoof brands in the header from email address, including the domain name. Keep in mind that just because the sender’s email address looks legitimate (e.g sendername@yourcompany.com), it may not be. A familiar name in your inbox isn’t always who you think it is!

Don’t believe everything you see

Phishers are extremely good at what they do. Many malicious emails include convincing brand logos, language, and a seemingly valid email address. Be skeptical when it comes to your email messages—if it looks even remotely suspicious, do not open it.

Plow can be your first line of defense against email fraud. Want to learn more about how Plow can help you secure your network? Contact us today.

Follow Plow: Twitter, LinkedIn, Facebook, and Instagram

About Plow

Headquartered in Brentwood, Tennessee, Plow is a Total Service Provider (TSP) with several distinct business practices that, when consumed together, offer our clients a unique, best-in-class experience that give them peace of mind, valuable time back and the economies of scale that come with having one partner that is focused on exceeding their expectations with every engagement.

Plow Contact

Talia Di Domenico
Plow Networks
(615) 224-8735
tdidomenico@plow.net

Tags: