Despite the best efforts of many of the world’s top cyber security firms to prevent email-related cyber-attacks, email remains the most logical way for hackers and cybercriminals to infiltrate organisations, particularly through phishing.
A 2017 phishing study released at the beginning of the year by Keepnet Labs stated that in 2017 48.2% of phishing emails were opened by the target, up from the previous figure of 30% in 2016.
Most malware and ransomware threats are sent via email, so it takes just one email opened by one target within an organisation to compromise the security of the entire organisation.
Furthermore, the study also revealed that these phishing attacks are more likely to be successful because they target the most basic of natural human responses: the emails are crafted to look like genuine emails sent on behalf of a popular company. Despite this, there are a few telltale signs that can help identify whether an email is a phishing email or not, which we will go through below.
Detection Tip 1: The incorrect use of spelling and grammar
The structure of an email is often the first clue as to whether you have received a phishing email or not. The writing style within the email is likely to differ, even if only in the smallest of ways, from what you normally see from the original sender.
You will find that nearly all organisations make sure that all email communications sent out to their audiences are free from spelling and grammatical mistakes and have been thoroughly proofread. If the email contains a whole host of these mistakes, you can almost be certain that it hasn’t been sent from the original sender.
Detection Tip 2: Strange or weird-looking URLs
Most phishing emails are likely to contain links that direct you to a site where you will be asked to log in, which is where they are able to steal your account details.
Sometimes it can be quite easy to overlook this, as some of these URLs look genuine or similar to ones you have seen before. However, the best way to be sure is to hover your mouse over the link in question on your PC to reveal the actual hyperlink. If it is weird-looking or unfamiliar, then make sure you DO NOT click on it!
You may also notice that the domain name differs from that of the organisation the email claims to be from, so make sure that you look at the sender address and compare it to previous, legitimate emails you have been sent from that organisation.
Detection Tip 3: Personal Information
If you receive an email that starts with the greeting ‘Dear Customer’, as opposed to addressing you personally by name, then it’s extremely unlikely that you received this email from the business in question. If it is a business that already has your personal details on file, then the chances are that the email would be personalised.
Detection Tip 4: You need to take urgent action
Emails that you receive in your organisation that require you to take “urgent action” are usually phishing scams, as they are trying to get you to click links in order to provide personal data.
If you ever receive an email like this, the best thing to do is to make sure that you directly call the company in question to check before taking any action.
If you want to protect your business from email-related cyber-attacks, take a multi-layered approach to email security, safeguard your business with internet security or put a disaster recovery plan in place, then get in touch with Advantage today to discuss your requirements.