Identifying a Phishing Attempt

One of the biggest day-to-day challenges businesses face is the threat of email phishing and scams. Attackers use these messages to gain access to devices, steal information or damage the targeted company. Although many technical controls can be put in place to stop phishing emails from being delivered, the biggest protection a business can utilise is user education and vigilance. Knowing what to look for, and being able to tell a legitimate email from a fraudulent one, can stop phishing from ever succeeding.

Are you expecting this email or know the sender?
If you do not know the sender or are not expecting this email, treat any files or requests it contains as suspect. Send the message to junk, delete it, or contact the sender through a channel you already trust rather than through the message itself.

If you know the sender check the email address/headers
A common phishing tactic is to send from an untrusted email address while masking it with a Display Name you know or trust. The Display Name is free text chosen by the sender, so check the actual email address (and the Reply-To header, if there is one) and do not assume the Display Name is correct. Look closely at the domain too: attackers often register lookalike domains that differ from the real one by a single character.

Check with the sender directly
Know the sender but you’re unsure if the email is legitimate? Email or call them to check. Do not just press reply, as you may be replying to a scammer: a reply goes to whatever address the attacker set in the From or Reply-To header. If you want to contact the sender via email, create a new message and type out their email address yourself instead of replying (this avoids sending to a scammer who has masked their address well). Alternatively, call them on a number you already have, not one taken from the suspicious email.

Does the language/formatting look familiar?
It can be a telltale sign of a scammer if they use language or formatting that is not consistent with their usual correspondence. If something looks off, check with the sender as mentioned above.

Review what has been sent (files/links/other items)
Scammers send links that pretend to point to a legitimate website, along with attachments such as fake payment links, PDFs or Office documents that carry malicious programs or lead to malicious websites. Mail filters catch most of these, but some will get through. Assume all links and files are malicious unless you are expecting them or understand their purpose. Tip: hover over a link to see where it really goes. If the destination differs from the text the link displays, there is a good chance the link is deceptive.
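The two checks above, a display name or Reply-To that does not match the sending address, and link text that names a different host from the real href, are easy to automate. The following is an added example, not code from the original article; the trusted domain (example.com) and the sample message, including its lookalike domain examp1e-invoices.net, are constructed for illustration.

```python
"""Triage a raw email for display-name/address mismatches and deceptive links.
Example code added to this article, not the article's own; the trusted
domain and the sample message below are constructed."""
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

TRUSTED_DOMAINS = {"example.com"}  # assumption: the organisation's own domain

# Constructed sample: a familiar display name over a lookalike domain, a
# Reply-To that differs from From, and a link whose visible text is a real
# company URL but whose href points at the attacker's host.
SAMPLE_EMAIL = """\
From: "Jane Doe" <jane.doe@examp1e-invoices.net>
Reply-To: accounts@examp1e-invoices.net
To: bob@example.com
Subject: Overdue invoice
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Please settle the attached invoice today.</p>
<p><a href="http://login.examp1e-invoices.net/portal">https://portal.example.com/invoices</a></p>
<p><a href="https://portal.example.com/help">Help centre</a></p>
</body></html>
"""


def domain_of(address: str) -> str:
    """Return the lower-cased domain part of an email address ('' if none)."""
    return address.rsplit("@", 1)[1].lower() if "@" in address else ""


class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs from <a> tags in an HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def host_from_text(text: str) -> str:
    """If the anchor text looks like a URL or bare hostname, return its host."""
    if "://" not in text:
        if not re.fullmatch(r"[\w.-]+\.[a-z]{2,}(/\S*)?", text, re.I):
            return ""  # plain words such as "Help centre" make no host claim
        text = "http://" + text
    return (urlparse(text).hostname or "").lower()


def deceptive_links(html: str) -> list:
    """Links whose visible text names a host different from the real href host."""
    collector = LinkCollector()
    collector.feed(html)
    flagged = []
    for href, text in collector.links:
        shown = host_from_text(text)
        real = (urlparse(href).hostname or "").lower()
        if shown and shown != real:
            flagged.append({"text": text, "href": href,
                            "shown_host": shown, "real_host": real})
    return flagged


def triage(raw: str, trusted=TRUSTED_DOMAINS) -> dict:
    """Parse a raw message and return the sender and link findings."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    _, reply_addr = parseaddr(msg.get("Reply-To", ""))
    body = msg.get_payload(decode=True) or b""
    html = body.decode(msg.get_content_charset() or "utf-8", "replace")
    return {
        "display_name": display,
        "from_address": addr,
        "from_domain": domain_of(addr),
        "from_trusted": domain_of(addr) in trusted,
        "reply_to_differs": bool(reply_addr) and reply_addr.lower() != addr.lower(),
        "deceptive_links": deceptive_links(html),
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE_EMAIL).items():
        print(f"{key}: {value}")
```

Run against the sample, the triage reports that the From domain is not trusted, that Reply-To differs from From, and that the first link shows portal.example.com while really pointing at login.examp1e-invoices.net; the plain-text "Help centre" link is not flagged because its text makes no claim about a host. A clean result from a check like this proves nothing on its own, exactly as the article says of filters and scanners.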

Scan files, links or other items
Paste a link into a service such as VirusTotal and it will scan it for you, which gives an indication of whether it is part of a well-known attack. A clean result does not prove an item is legitimate, since new or targeted attacks will often show as clean, but a detection is a strong confirmation that it is malicious. If you are checking a file, bear in mind that files uploaded to VirusTotal are shared with its partners, so for documents that may contain sensitive data, look up the file’s hash rather than uploading the file itself.

These are just some of the methods that will help you avoid falling victim to a phishing scam. It’s best to treat every email as illegitimate until you can prove otherwise. Taking a few extra seconds or minutes to check could save you.