Have you got an email sitting in your inbox that you don’t think is legitimate?
Cybercriminals target people in many ways, including phishing attacks.
They’re able to send out scam emails that are designed to look like they’re being sent out by a legitimate source.
For an example, an email might look like it’s coming from a family member or a business. An email might also:
• request personal information like passwords
• ask you to open an attachment that’s actually malware.
While a cyber attack may not seem scary on the surface level, it can have some serious real-world consequences, with the average cost of a data breach being 3.86 million dollars.
These threats aren’t uncommon, which is why you’ll want to make sure you know how to spot one. You’ll also want to learn how to respond when you do see a phishing attack. If you’re trying to determine whether or not an email is a phishing attack, you should look for these five things.
1. You’re being asked for personal information
Phishing attacks often appear to be completely legitimate. Cyber attackers go above and beyond to ensure that their emails look authentic. These emails might perfectly match the emails sent out by your employer or bank.
That’s why you’ll want to be wary of what the email is asking for. If an email is requesting personal information, such as a password, you can assume that it wasn’t actually sent by a trustworthy source.
You should be suspicious of any email that requests information you wouldn’t normally be asked for, such as your routing number or passwords.
If you suspect that an email isn’t legitimate, you should avoid replying or clicking any of the links in the email. Instead, you should reach out to the organisation directly and ask them if the email is legitimate.
Furthermore, a lot of companies will even go out of their way to warn you about phishing emails within their own emails or on their website, explaining what they will and won’t ask for and telling you what email address is actually trustworthy.
For the electricians at Smart and Fast electrical the need to appear professional is key. They rely on emails to communicate with clients, provide quotes and stay available at all times.
They explain that “even when we send back emails regarding a custom quote we make sure that our emails are written well and only ask for information that we actually need. A lot of people fall into the trap of giving away personal information just because a company they trust asks for it, however, scammers thrive on this trust and use it to their advantage”.
2. Email and web addresses don’t appear legitimate
In some cases, the addresses phishing emails are sent from look like they’re completely legitimate. Hackers often try to scam people by a company’s actual name in the body of an email and the address the email is sent from.
These details might look real at first glance, but if you look a little closer, you’ll see that the address isn’t genuine at all. For example, an email might be sent out from @mail.commbank.work instead of @commbank.com; these kinds of scams are very common.
Cyber attackers may also hide malicious links in a message. In some cases, the links might be right alongside real links. Prior to clicking any of these links, you should take hover over them and see where they’ll take you.
3. The email is poorly written
In many cases, you can recognise an email simply because the quality of writing is poor. You should read through emails and see if you spot any issues with the grammar or spelling. You should also be wary of emails that don’t appear to be written by a native English speaker.
Any email that was sent out by a major business will have been written by a professional writer. The email will have been carefully checked over before it was sent out to ensure that everything’s spelt correctly and that the grammar is perfect.
Emails will also be checked for potential legal issues. If you receive an email from a business that’s filled with mistakes, there’s a good chance that it was sent out as a phishing attack.
Some people believe that fake emails are poorly written on purpose. That way, only easy targets will be taken in by the scam.
For expert tattoo removalist Jayne Saunders of M.T. Medical, the conversational language used by potential clients can pose a challenge for many Australian businesses.
She says that “because we are often talking to people directly rather than companies, emails are far more casual. However, this makes the line between a casual conversation and a poorly written scam email blurred, so we have to be constantly aware if a customer is legitimate before we progress the conversation any further”.
This also highlights that not only are individuals at risk of being tricked, even companies need to be careful.
4. The email includes a strange attachment
If you receive a surprise email from a business that includes some sort of attachment, you should proceed with caution.
Attachments could wind up infecting your computer or network with malware or some sort of virus. You should always scan attachments with antivirus software before you open them, even if you think it’s legitimate.
5. The email was created to cause concern