In-depth

Five giveaways that show an email is a phishing attack

One of the biggest problems in cyber security is the phishing email

A phishing attack is where a user is tricked into giving away personal data such as bank details, credit card numbers and login credentials. Most attacks happen via email communications, which contain a link that sends users to what, at first glance, looks like a legitimate site. One popular example is an email reporting to be from your bank, requesting a log in or a confirmation of personal details.

90% of global organisations have seen the volume of phishing attacks through email increase or stay the same over the past 12 months, according to research from Vanson Bourne. Employee carelessness is the primary internal threat, with 88% of organisations having encountered an internal threat that could have been avoided.

Phishing for financial gain is also on the rise (it went up to account for 47.48% of all phishing detections, according to the latest research from Kaspersky). Although some phishing emails are easy to detect - few people fall for the 'Nigerian Prince' scam any more - criminals are now able to put together sophisticated messages and web pages which can trick even the most discerning person into giving away vital financial information.

To avoid being the next victim, here are four giveaways that show an email is a phishing attack.

The email was unsolicited

Legitimate companies never email users asking for personal information. Neither would they send an email unannounced asking you to download an attachment. No matter how real the email looks, if it is unsolicited and it is asking you to do something, it is most likely a scam.

This is especially true for phishing attacks pretending to be from your bank. According to data from Kaspersky, the detection of phishing pages which mimicked legitimate banking services topped the list of the most popular phishing scams, leaving the longtime leaders of this chart global web portals and social networks - behind.

Advertisement
Advertisement - Article continues below

Towards the end of last year, a wave of Bitcoin scams found their way into email inboxes, riding on the wave of skyrocketing values to con users into giving away thousands of pounds in so-called investments from phishing pages.

Another increasingly common email is one which will state that there is an invoice attached, but which will give very little detail in the actual body of the email. Always check that the sender is legitimate and that the invoice is expected, and never download or open an unexpected invoice attachment.

Poor grammar and spelling

Emails from legitimate sources generally make sure that there are no typos, no spelling errors, and good grammar. Professional companies have teams dedicated to proof checking all marketing material it sends out. Hackers often lack those writing skills. As well as this, they may not have English as a native tongue. We can assume that the criminal wrote the text in their own language and then used a translation tool to convert the text into English.

This means that if you have an email purporting to be from your bank and it has various examples of bad spelling and grammar, then it is most likely not from that bank but from a criminal.

The same applies to pixellated or miss-sized company logos, and email headers and footers that have the wrong company address or spelling errors. However, cyber criminals are getting better at mimicking legitimate company communications, so if in doubt, don't click on any links in the email.

Mismatched URLs

Criminals try to fool victims into clicking on links that to the reader look like the real URL of a legitimate website, but the hyperlink actually is a URL belonging to a criminal. You can prevent visiting the link by hovering your mouse arrow over the link; most browsers will display the real URL link at the bottom of the browser window. If that URL doesn't match with the link the arrow hovers over, it is most likely a trick.

Scammers are also getting more sophisticated at masking the sender's email address. It may appear as 'Amazon Orders' in your inbox, but the email address itself will feature a mix of letters and numbers which marks it out as being fake.

The email features fake URLs

Legitimate emails will feature URLS that lead back to an official website of a company. The URL will have a straightforward name (i.e. trustedbank.com). A criminal will try to make a URL look like a real website as much as possible (such as trustedbank.phishingattack.com). Users should always check any link before clicking on it. Better still, always check a URL by cutting and pasting the link into a search engine. A scam should reveal itself in the first page of results.

This type of activity is not limited to banks; criminals have even created fake URLs containing the word Steam' in order to make the fake even more like the original and deceive inexperienced gamers.

Another recent tactic is the use of bogus characters; for example apple.com and appl.com both look identical, except for the diacritic mark above the 'e' which marks it out as a scam. If in doubt, always type the URL of the site yourself to ensure you're being taken to a trusted page.  

Infected attachments

Attachments carried by emails may appear benign, but they could be infected with malware. A common disguise is as an invoice or bill, which could set hearts racing and fingers clicking. In today's commercial whirlwind, we are all guilty of purchasing goods and services and subsequently forgetting the episode ever happened, so it's easy to see how this tactic would be effective.

Advertisement
Advertisement - Article continues below

Once an infected attachment has been opened, users may discover the document is not actually tailored specifically to themselves, indicating suspicious activity. Unfortunately, by this point, it's already too late. The malware has already been unleashed upon the victim's computer.

Attachments should only be opened if users are confident they are sent from a legitimate party. If clicking on an attachment activates a pop-up warning of unstable or unknown content, take this as a tell-tale signal not to open the file. Pop-ups can also request the user to alter certain security settings to access the file another red flag.

If you're unsure about an email, or the attachment's origin and intention, it's best to contact the sender through an alternative medium and requesting validation or clarification, in one form or another. But if in doubt, err on the side of caution.

Featured Resources

The IT Pro guide to Windows 10 migration

Everything you need to know for a successful transition

Download now

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Software-defined storage for dummies

Control storage costs, eliminate storage bottlenecks and solve storage management challenges

Download now

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks

Download now
Advertisement

Recommended

Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Visit/security/identity-and-access-management-iam/354289/44-million-microsoft-customers-found-using
identity and access management (IAM)

44 million Microsoft customers found using compromised passwords

6 Dec 2019
Visit/hardware/354237/five-signs-that-its-time-to-retire-it-kit
Sponsored

Five signs that it’s time to retire IT kit

29 Nov 2019
Visit/cloud/microsoft-azure/354230/microsoft-not-amazon-is-going-to-win-the-cloud-wars
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Visit/operating-systems/microsoft-windows/354297/this-exploit-could-give-users-free-windows-7-updates
Microsoft Windows

This exploit could give users free Windows 7 updates beyond 2020

9 Dec 2019