Suspicious emails or phishing emails are deceiving emails from hackers designed to replicate the look of an existing website you may already be a member of. If hackers already have your email or other identifying data, often the last piece of the puzzle will be obtaining your password.
In recent years, as a managed IT services provider in Melbourne, we have seen phishing emails have gotten really convincing and even those with a keen eye can be caught out. It’s important to identify them early so you, your business and your organisation aren’t compromised.
Steps to Identifying Phishing Emails:
The first thing you should do is immediately discard any genuine-looking branding. Yes, if the branding is clearly fake, throw the email out, but it isn’t that difficult for hackers to copy or replicate the branding of established companies in their phishing emails.
From there, move on to the sender details. Don’t trust the display name of the email senders; always look at the link. Is it coming from a domain name that you ordinarily associate with the brand (e.g. instead of subdomain.paypal.com you get one from pay-palservice.com)? Anyone can change their email display name, but they can’t copy a domain they don’t own. It is important to stress caution here, as hackers are increasingly going to greater efforts to get more convincing domains for their phishing operations.
Analyse the language of the email. If the heading has language that’s designed to alarm or scare you, it could be a phishing email. Phishers will commonly induce a sense of emergency to scare victims into clicking without thoroughly evaluating the email. If all seems fine in the heading, inspect the text: Are there any spelling mistakes?
Spelling mistakes and urgent headings aren’t necessarily the hallmark of a phisher, but large companies tend to have professional copywriters putting these emails together. People writing genuine emails for large companies will usually go to the effort of thoroughly spell-checking the finished email and ensuring it is comfortable to read.
If you’re unsure whether the domain is owned by the company the email is purporting to be from, you should dip your toes in. Copy the link, paste it into google and see if anything comes up; often the most common phishing links will be reported on a third-party website. If you’re still not sure, copy and paste the link into your browser (don’t click it in the email) and start your detective work:
- Does it require you to login unnecessarily?
- If you elect to remain logged or remember your login details with this service normally, does the site in question still require you to manually enter your details?
The last thing to mention is that, just as it’s important not to click on links and login to websites before you establish that the original email is legitimate, it is important to not click on attachments either. Downloading attachments is an easy way to infect your computer and compromise all your data. Even seemingly harmless attachments like .jpeg image files can be injected with a virus. Being a non-profit IT consulting company, we have seen that this can be a real risk to non profit organizations and can cause havoc with their donor data.
Protecting yourself into the future:
Phishing emailers who have your email and other data (such as your name), but not necessarily your password (which is usually encrypted), will often use these lists to target users of that service more convincingly. With that said, if you’ve already given this service your name and the email start with the salutation, “Dear Paypal User / Valued Customer,” you can pretty much automatically throw that email in the bin.
A good way to check if your email or passwords have been leaked is to visit https://haveibeenpwned.com/ – a registry that lets you scan massive databases of leaked email and password data by entering in an email or password you commonly use. It’s run by Troy Hunt, a Microsoft regional director and a leading light in data security. It’s a good bookmark to have so you can quickly check if your accounts are at risk following news of a massive data breach.
After mentioning the importance of checking if your passwords have been compromised, it should go without saying that you should regularly update your passwords and keep passwords for your email and important services separate. This will reduce your chance of being hacked without a phishing email and it’ll also reduce the scale of destruction if you unfortunately fall victim to a hacker who has obtained your password.