How to Identify a Phishing Email

Q.  I’ve received emails from my bank that I suspect are fraudulent, but I’m nervous about ignoring them. What should I do?

A.  First, check the sender’s email address for misspellings. Fraudsters trying to lure you with a phishing scam might use an address that’s similar to a company’s official one, but not exactly the same. It’s not a foolproof tactic, though, because some crooks can completely “spoof” an email address. But you can be certain that a U.S.-based organization’s email address won’t include a domain extension from a different country (such as .ru for Russia or .br for Brazil). Many phishing attempts originate abroad, often from non-native English speakers, so poor spelling and awkward sentence structure in the body of the email could be another telltale clue.

Hovering your cursor over a link in the email’s text will reveal the actual address the link leads to. If that address doesn’t include the company’s domain name before the first forward slash (/), don’t click on it. And last, if the email asks you to verify or provide personal information such as credit card and bank account numbers, your Social Security number, or passwords, it’s definitely a fraud, says the Federal Trade Commission. If you’re still in any doubt about whether the email is legitimate, contact your bank directly, using the contact details on its website.

In the mood for a deeper dive?

Every day countless phishing emails are sent to unsuspecting victims all over the world. While some of these messages are so outlandish that they are obvious frauds, others can be a bit more convincing. So how do you tell the difference between a phishing message and a legitimate message? Unfortunately, there is no single technique that works in every situation, but there are a number of things you can look for. Here are the top 10.

1 – The message contains poor spelling and grammar

As mentioned above, whenever a large company sends out a message on behalf of the company as a whole, the message is usually reviewed for spelling, grammar, and legality, among other things. So if a message is filled with poor grammar or spelling mistakes, it probably didn’t come from a major corporation’s legal department.

2 – URLs contain a misleading domain name

Phishing scams often depend on their victims not knowing how the DNS naming structure for domains works. The last part of a domain name is the most telling. For example, the domain name info.ncgit.com would be a child domain of ncgit.com because ncgit.com appears at the end of the full domain name (on the right-hand side). Conversely, ncgit.com.maliciousdomain.com would clearly not have originated from ncgit.com, because the reference to ncgit.com is on the left side of the domain name and the actual domain is maliciousdomain.com.

This trick is used countless times by phishing artists as a way of trying to convince victims that a message came from a company like Microsoft or Apple. The phishing artist simply creates a child domain bearing the name Microsoft, Apple, or whatever. The resulting domain name looks something like this: Apple.maliciousdomainname.com.

3 – The message contains a mismatched URL

One clue that an email is suspicious is the integrity of any embedded URLs. Oftentimes the URL shown in a phishing message will appear to be perfectly valid. However, if you hover your mouse over the link, you should see the actual hyperlinked address (at least in Outlook). If the hyperlinked address is different from the address that is displayed, the message is probably fraudulent or malicious.
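The two checks above (which domain a link really belongs to, and whether the displayed address agrees with the hyperlinked one), together with the sender-address check from the answer at the top of the page, can be automated. The following is an added example, not code from the original article or from NCGIT: it extracts every link from a constructed sample email body, reduces each hostname to its rightmost registrable domain (so info.ncgit.com is recognised as ncgit.com while ncgit.com.maliciousdomain.com is not), and flags links that leave the expected company domain or whose visible text names a different domain. The sample message, the expected domain `ncgit.com`, and the short list of multi-label suffixes are assumptions for the demonstration; a real deployment would use the full Public Suffix List instead of that list.

```python
"""Flag suspicious links and sender addresses in an email.

Added example for the phishing-indicator list; the sample message and
the expected domain "ncgit.com" are constructed for the demonstration.
"""
from email.utils import parseaddr
from html.parser import HTMLParser
from typing import Dict, List, Optional
from urllib.parse import urlparse

# Simplified public-suffix handling so that "example.co.uk" counts as one
# registrable domain. Assumption: a real tool would load the full
# Public Suffix List rather than this short constructed set.
MULTI_LABEL_SUFFIXES = {"co.uk", "org.uk", "com.au", "com.br"}


def registrable_domain(host: str) -> str:
    """Rightmost registrable part of a hostname, e.g. 'ncgit.com' for
    'info.ncgit.com' and 'maliciousdomain.com' for
    'ncgit.com.maliciousdomain.com'. Case-insensitive, trailing dot ignored."""
    labels = host.lower().rstrip(".").split(".")
    if len(labels) >= 3 and ".".join(labels[-2:]) in MULTI_LABEL_SUFFIXES:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


def host_of(text: str) -> Optional[str]:
    """Hostname from a URL or bare domain; None for plain words like 'Click here'."""
    candidate = text.strip()
    if not candidate or any(ch.isspace() for ch in candidate):
        return None
    if "://" not in candidate:
        candidate = "http://" + candidate  # let urlparse treat a bare domain as a URL
    try:
        host = urlparse(candidate).hostname
    except ValueError:
        return None
    return host if host and "." in host else None


class LinkExtractor(HTMLParser):
    """Collect (href, visible text) pairs from <a> tags in an HTML body."""

    def __init__(self) -> None:
        super().__init__()
        self.links: List[tuple] = []
        self._href: Optional[str] = None
        self._text: List[str] = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def audit_links(html: str, expected_domain: str) -> List[Dict]:
    """One finding per link: its real registrable domain, whether that is the
    expected company domain, and whether the visible text names another domain."""
    parser = LinkExtractor()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        href_host = host_of(href)
        href_dom = registrable_domain(href_host) if href_host else None
        shown_host = host_of(text)
        shown_dom = registrable_domain(shown_host) if shown_host else None
        findings.append({
            "href": href,
            "text": text,
            "href_domain": href_dom,
            "expected": href_dom == expected_domain.lower(),
            "mismatch": shown_dom is not None and shown_dom != href_dom,
        })
    return findings


def is_suspicious(finding: Dict) -> bool:
    """A link is suspicious if it leaves the expected domain or its text lies."""
    return (not finding["expected"]) or finding["mismatch"]


def sender_domain_matches(from_header: str, expected_domain: str) -> bool:
    """Check the domain after '@' in a From header against the expected one."""
    _, addr = parseaddr(from_header)
    _, _, domain = addr.rpartition("@")
    return bool(domain) and registrable_domain(domain) == expected_domain.lower()


# Constructed sample message (not a real email) with one legitimate link,
# one look-alike child-domain link with misleading text, and one off-domain link.
SAMPLE_EMAIL = """
<p>Dear customer,</p>
<p>Please <a href="https://info.ncgit.com/account">sign in to your account</a>.</p>
<p>Or visit <a href="https://ncgit.com.maliciousdomain.com/login">https://ncgit.com/login</a>.</p>
<p>Help: <a href="https://support.example.co.uk/">support.example.co.uk</a></p>
"""

if __name__ == "__main__":
    for f in audit_links(SAMPLE_EMAIL, "ncgit.com"):
        print("SUSPICIOUS" if is_suspicious(f) else "ok        ", f["href_domain"], f["href"])
```

Running the block prints one line per link; the second and third links are flagged, the first is not. The same `registrable_domain` helper backs `sender_domain_matches`, so a From address such as `alerts@mail.ncgit.com` passes while `support@ncgit-com.ru` does not.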

4 – The message asks for personal information

No matter how official an email message might look, it’s always a bad sign if the message asks for personal information. Your bank doesn’t need you to send it your account number. It already knows what that is. Similarly, a reputable company should never send an email asking for your password, credit card number, or the answer to a security question.

5 – The offer seems too good to be true

There is an old saying that if something seems too good to be true, it probably is. That holds especially true for email messages. If you receive a message from someone unknown to you who is making big promises, the message is probably a scam.

6 – You didn’t initiate the action

Have you ever received an email letting you know you’ve won a raffle for a cruise?! The only problem is that you never bought a raffle ticket. If you get a message informing you that you have won a contest you did not enter, you can bet that the message is a scam.

7 – You’re asked to send money to cover expenses

One telltale sign of a phishing email is that you will eventually be asked for money. You might not get hit up for cash in the initial message. But sooner or later, phishing artists will likely ask for money to cover expenses, taxes, fees, or something similar. If that happens, you can bet that it’s a scam.

8 – The message makes unrealistic threats

Although most of the phishing scams try to trick people into giving up cash or sensitive information by promising instant riches, some phishing artists use intimidation to scare victims into giving up information. If a message makes unrealistic threats, it’s probably a scam.

9 – The message appears to be from a government agency

Phishing artists who want to use intimidation will often pose as a bank or send messages claiming to have come from a law enforcement agency, the IRS, the FBI, or just about any other entity that might scare the average law-abiding citizen. I can’t tell you how government agencies work outside the United States. But here, government agencies don’t normally use email as an initial point of contact. That isn’t to say that law enforcement and other government agencies don’t use email. However, law enforcement agencies follow certain protocols. They don’t typically engage in email-based extortion.

10 – Something just doesn’t look right

Trust your gut and use your JDLR sense (just doesn’t look right). If something looks off, there’s probably a good reason why. This same principle almost always applies to email messages. If you receive a message that seems suspicious, it’s usually in your best interest to avoid acting on the message.

Mitigate phishing scams with help from NCGIT

Phishing scams and spear-phishing threats are on the rise, causing disruption and damage to enterprises everywhere. Designed to fool your employees into revealing credentials, passwords and other confidential information, phishing scams are involved in more than 90 percent of hacking attacks today.[1]

The impact of phishing scams on profitability and productivity is huge. Breaches can cost millions, destroying corporate reputations and significantly degrading customer loyalty. Protecting your organization from phishing threats is critical — and that’s where Mimecast can help.

NCGIT’s secure email solutions offer comprehensive defense against phishing scams and other advanced threats, as well as data leaks and routine threats like spam, malware and viruses. Offering always-on, always up-to-date protection that eliminates the cost and complexity of traditional offerings, NCGIT’s email security solutions provide enterprise-grade protection so you and your organization can breathe easier.

Contact us today to learn about our secure email solutions.