Phishing scams are on the rise. It’s thought that around 90% of all data branches directly result from phishing. Email phishing is a particular problem. In 2022, it’s estimated that around 3.4 billion phishing emails will be sent daily. With businesses losing around $1.7 million to cybercrime every minute, assessing your anti-phishing strategy has never been more important.
Many of us would like to think we can easily spot a scam email, but the truth is that phishing emails are becoming increasingly sophisticated. In many cases, phishing emails go undetected by spam filters and land directly in the main inbox of a recipient. You can continue investing in advanced spam filters, but knowing what to look for is the only effective way to avoid falling foul of a scam. Read on for essential pointers on spotting a phishing email instantly.
1. Spelling and Grammar Errors
Spelling mistakes are a red flag that an email you’re reading isn’t from a legitimate source. Most organizations use spell-checking tools as a standard before firing out communications, so there’s no excuse for poor spelling and grammar. Even minor dialect deviations can be a sign of a phishing email. To help you stay vigilant, ensure your default email language settings correspond with your location.
2. Does Something Sound Off?
Many email phishing cyber attacks use your existing contact list against you. If you’re reading an email from a colleague or acquaintance, the first line of the message is a solid guideline on whether it’s credible or not. If the greeting seems off, take a step back and consider whether you’re dealing with a phishing email.
3. Emails with a Sense of Urgency
Phishing emails tend to include a sense of urgency to encourage the recipient to act. An email may threaten legal action or financial penalties if you don’t respond to it immediately. While this urgency can be alarming, it’s a weapon to make you lose your cool and act without thinking. If an email is urgently pushing you to make a decision, take a breath and inspect the message for further telltale signs that you’re dealing with a phishing attack.
4. Approach Attachments with Caution
Email attachments should also be viewed with suspicion, even if you’re confident you’re dealing with a legitimate email. Many companies rely on cloud services and file-sharing tools to distribute documents, so email attachments are fairly unusual. The attached file will give you a clearer idea of whether you’re the victim of a phishing scam. Malware is commonly hidden in ZIP and EXE files, while DOC files account for around 35% of all email-based phishing attacks.
5. Identify Malicious Links
Phishing emails are becoming harder to distinguish from the real thing. It’s all too easy for a malicious website to be concealed behind a link that looks genuine. Even if the link looks legit in the body of an email, the actual URL may be a different matter entirely. Before clicking on a link, drag your cursor over it to see what URL appears.
6. Does That Email Address Look Right?
This is a simple and effective way to keep on top of email security. Even if you’ve received an email from a familiar sender, double-check the credentials against previous contact information. Is the email domain correct? If not, approach the message itself with suspicion.
7. Never Hand Over Sensitive Information
You should never respond with sensitive information over email. Any message requesting payment information or username and password credentials is almost certainly a scam. At most, you should only be providing your full name and a reference name in response.
8. Email Subject Lines Say a Lot
The subject line of an email can be used as a barometer to identify phishers. Subject lines can, of course, be used as a marketing ploy, but there’s a difference between a retailer angling for a sale and a scammer teasing you with rewards that are too good to be true.
Take a Stance Against Phishing
Sadly, email phishing is an inescapable reality of modern life. For the individual, they can result in significant disruption and financial losses. For businesses, there’s also the risk of losing intellectual property and suffering from irreparable damage to reputation. However, following the best practice guidelines outlined above can considerably strengthen your phishing prevention strategy.
Greg Tuohy is the Managing Director of Docutec, a high volume printer, and office automation software provider. Greg was appointed Managing Director in June 2011 and is the driving force behind the team at the Cantec Group. Immediately after completing a Science degree at UCC in 1995, Greg joined the family copier/printer business. The document also makes printers for family homes too, such as multifunction printers.