Few ways to identify email phishing
Email Phishing is a type of online scam where criminals send an email that appears to be from a legitimate company and ask you to provide sensitive information. This is usually done by including a link that will appear to take you to the company’s website to fill in your information – but the website is a clever fake and the information you provide goes straight to the crooks behind the scam.
Below are some of the ways to identify email phishing;
1. If the web and email addresses do not look genuine
It is often the case that a phishing email will come from an address that appears to be genuine. Criminals aim to trick recipients by including the name of a legitimate company within the structure of email and web addresses. If you only glance at these details they can look very real but if you take a moment to examine the email address you may find that it’s a bogus variation intended to appear authentic
for example:
@mail.airbnb.work as opposed to @Airbnb.com
@paypal23.com as opposed to @paypal.com
somecompany_billings@mail.com
finance_yourbank@gmail.com
Remember, don’t just check the name of the person sending you the email. Check their email address by hovering your mouse over the ‘from’ address to be double sure.
2. Legit companies usually call you by your name
Phishing emails typically use generic salutations such as “Dear valued member,” “Dear account holder,” or “Dear customer.” If a company you deal with required information about your account, the email would call you by name and probably direct you to contact them via phone.
Some hackers may also simply avoid the salutation altogether. This is especially common with advertisements.
3. If the email asks you to confirm personal information
Keep an eye out for emails requesting you to confirm personal information that you would never usually provide, such as banking details or login credentials. Most companies will not send you an email asking for passwords, credit card information, credit scores, or tax numbers, nor will they send you a link from which you need to log in.
Do not reply or click any links and if you think there’s a possibility that the email is genuine, you should search online and contact the organization directly – do not use any communication method provided in the email.
4. If there’s a suspicious attachment
When you receive an email from a company out of the blue that contains an attachment, especially if it relates to something unexpected. The attachment usually contains malicious URLs or trojans, leading to the installation of a virus or malware on your PC or network. Even if you think an attachment is genuine, it’s good practice to always scan it first using antivirus software.
Typically, authentic institutions don’t randomly send you emails with attachments but instead direct you to download documents or files on their website.
Sometimes companies that already have your email will send you information, such as a white paper, that may require a download. In that case, be on the lookout for high-risk attachment file types include .exe, .scr, and .zip. (When in doubt, contact the company directly using contact information obtained from their actual website.)
5. If it’s poorly written
If you have received an unexpected email from a company, and it is riddled with poor language, spelling and grammatical mistakes as well as strange turns of phrases, 's usually a strong indicator it is could a phish.
6. If the message creates a sense of urgency and panic
It is common for phishing emails to instil panic in the recipient. The email may claim that your account may have been compromised and the only way to verify it is to enter your login details. Alternatively, the email might state that your account will be closed if you do not act immediately. Ensure that you take the time to think about whether an email is asking something reasonable of you. If you’re unsure, contact the company through other methods.
NB: When in doubt, throw it out: Links in emails, social media posts and online advertising are often how cybercriminals try to steal your personal information. Even if you know the source, if something looks suspicious, delete it.
Ultimately, being cautious with emails can’t hurt. Always remember to take your time to carefully review every email be acting on it.
