A phishing email is a type of online scam in which a cyber criminal sends an email that appears to come from a legitimate company and asks the user to provide sensitive data. Phishing emails are also used to deliver malware through malicious attachments or links. According to Phishing and Email Fraud Statistics 2019, 76% of businesses reported being a victim of a phishing email, and 30% of phishing emails were opened by targeted users. Below are 10 ways to detect phishing emails and keep users and companies from falling for them.
- A mismatched URL
The URL in a phishing email often looks valid and unsuspicious. However, users are encouraged to check the actual hyperlinked address (at least in Outlook). The message is probably fraudulent or malicious if the hyperlinked address is different from the address that is displayed.
- URLs with a misleading domain name
Scammers trick users by sending emails that look like they come from companies such as Microsoft or Apple. Users should not fall for this type of scam and have to stay vigilant. Most users do not know how the DNS naming structure for domains works. For example, the domain name info.cyberhome.com would be a child domain of cyberhome.com, because cyberhome.com appears at the end of the full domain name. cyberhome.com.maliciousdomain.com would not have originated from cyberhome.com, because the reference to cyberhome.com is on the left side of the domain name. Applied to Microsoft, the resulting domain looks like Microsoft.maliciousdomainname.com.
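As an added illustration (not part of the original article), the Python sketch below applies the two checks above to the links in an HTML message body: it compares the displayed address with the real link target, and it reads the target host from right to left to see whether a trusted name merely appears on its left side. The `TRUSTED` set, the function names and the sample body are assumptions constructed for this example.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED = {"cyberhome.com"}  # assumption: domains the organisation really owns
def host_of(text):
    """Hostname of a URL or bare host name; None for ordinary link text."""
    text = text.strip()
    if " " in text or "." not in text:
        return None
    host = urlsplit(text if "://" in text else "//" + text).hostname
    return host.lower().rstrip(".") if host else None

def belongs_to(host, domain):
    """True only if domain ends host on a label boundary (read right to left)."""
    return host == domain or host.endswith("." + domain)

class LinkCollector(HTMLParser):  # gathers (href, visible text) per <a> element
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text)))
            self._href = None

def check_links(html):
    """Return [(real host, findings)] for each link that raises a finding."""
    collector = LinkCollector()
    collector.feed(html)
    report = []
    for href, shown in collector.links:
        real, displayed = host_of(href), host_of(shown)
        findings = []
        if real and displayed and displayed != real:
            findings.append("mismatched-url")  # shown address differs from target
        if real and any(d in real and not belongs_to(real, d) for d in TRUSTED):
            findings.append("misleading-domain")  # trusted name not at the right end
        if findings:
            report.append((real, findings))
    return report

SAMPLE = ('<a href="https://info.cyberhome.com/news">info.cyberhome.com</a>'  # constructed sample body
          '<a href="http://cyberhome.com.maliciousdomain.com/login">https://cyberhome.com/login</a>')
```

Calling `check_links(SAMPLE)` reports only the second link, with both findings; the genuine child domain info.cyberhome.com passes.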
- Poor spelling and grammar errors
Legitimate companies have trained staff, and whenever they send out messages or emails to staff, large or small, the text is double-checked before it is sent. Thus, if a message has poor spelling and grammar errors, it is always better to cross-check first, and if the company did not send the message, users should report it immediately.
- Asking for sensitive information
Sending your sensitive information through email is never safe. If your bank emails you asking you to send your account number, or your username and password, through email, it is recommended not to send it. A reputable company should never send an email asking for sensitive information, including your password or credit card numbers.
- Too good to be true
Suppose you are looking for an apartment to rent, and you find one that exceeds your expectations at a rent that is too good to be true. However, the landlord emails you asking you to send a deposit first, after which you will get the key to the house through email, because the landlord is not in the city where you currently live. This is a case of fraud, and many innocent people have fallen for this type of scam.
- Surprise lottery!
You get a message saying you have won a lottery, gift cards or some latest gadgets, but you never bought a lottery ticket. This is just another way of scamming people into opening the message and clicking on the link.
- Asking to send money to cover medical expenses
When an email from a friend asks for financial help with medical expenses, people tend to fall for the scam easily. The same applies to emails in the name of the government asking victims to pay some tax and fees. Thus, before making any transactions, check with the legitimate websites to confirm.
- Unrealistic threats
Suppose a user has a leased car from Wells Fargo but no savings or checking accounts with them, and gets an email saying that his account has been compromised. The message says that the user has to send his photo ID within two days; if not, all his assets and the bank account will be seized by the bank. When we get this type of email, we tend to focus on the word “seized” without analyzing the whole email.
- From a government agency
In the United States, governments don’t contact people directly and they do not engage in email-based extortion. Scammers send emails to victims pretending to be the IRS or the FBI, asking for personal details of the victim. In most cases, the IRS sends an official letter directly to your home address; it does not send email or call you before you get the official letter.
- Something just doesn’t look right – Suspicious message
If you happen to see any email that looks suspicious to you, you can report it immediately on the US-CERT website; also make sure not to click on any suspicious message. In Las Vegas, casino security teams are taught to look for JDLR, which stands for "just doesn’t look right".
Phishing email is the most common attack vector used to spread ransomware and to cause disruption in the network. Email scanning, user awareness and educational programs, DNS lookup, and endpoint-based antivirus are some preventive measures that protect against phishing emails. If a company or a user detects a phishing email, they should report it immediately and take preventive measures.
In the worst-case scenario, if the company suffers a data breach or ransomware attack, disconnect the network and immediately call LIFAR, LLC for data recovery and to deal with the ransomware attack.