Being the victim of a phishing attack is frustrating. By most industry estimates, the majority of breaches start with an email. If you know how to recognize a phishing email, you can avoid the frustration.
The battle of cybersecurity is brutal on the front line. We have all been the target of attacks, both personally and professionally. Here are a few tips to help you recognize most phishing attempts. We will also look at a couple of real phishing emails and walk through the self-tests together.
Train yourself to think before you click. Email is a routine part of our workflow, and it is easy to be overly trusting when you are busy. Don't let your guard down. Here are a few ways to train yourself to think before you click:
1. The Content and Context Test: Pay attention to the context and content of the email. Is it consistent with what you would normally receive from this source? Check the content, links, attachments, language, grammar and so on. If you know the sender (or whoever appears as the sender) and the message seems out of context, trust your suspicion and see point 4.
2. The Logic Test: Does the email actually relate to you? For example (see the Bank of America illustration below), I received a phishing email asking me to log in to my "Bank of America" account for a reason that sounded legitimate. But I don't have a Bank of America account. Trust what you know to be true. That sounds obvious, yet phishing keeps working because attackers do a great job of making emails look and sound official, with logos, trademarks, contact info and small-print footers that make you doubt what you know. So, as obvious as it sounds, test for the obvious. If it fails, see point 4.
3. The Sender Test: The attacker can disguise the email with a familiar display name that appears to be the sender. Look at the sender's name at the top of the email and expand it (in most mail clients, clicking the name or the arrow beside it shows the underlying address without opening anything, so this is safe). If the address is unfamiliar, does not match the name, or is a lookalike of the real domain, delete the email. If the address looks legitimate, it could still be phishing, for two reasons. First, the From address itself can be forged; receiving mail servers that check SPF, DKIM and DMARC often catch this, but not always. Second, the sender's account may have been hijacked: the attacker has stolen that person's password or session, logged into their mailbox, and is sending from the real account, so the address genuinely is theirs. Either way, passing this test is not proof. Use your other checks to validate the email, and see point 4.
4. Check before you click. Don't take a chance. If you are suspicious at all, contact the sender directly BEFORE you click on anything in the email. Call them, text them or reach them some other way than by email, using contact details you already have rather than any given in the message. Do not reply to the email. Remember, the email may not be coming from the name that appears as the sender, or that person's account may have been hijacked; the attacker is either disguised or working undercover.
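The sender test and the link part of the content test can also be run against the raw message headers, which is roughly what a mail filter does behind the scenes. The Python script below is an added example, not code from the original post or from Pillar Technology Partners. Both messages in it are constructed, every domain in them is a placeholder (the example.* names are reserved for documentation), and the registrable_domain rule of keeping the last two labels is a deliberate simplification that a real tool would replace with the Public Suffix List. It goes a little beyond the post: besides checking the domain behind the From address, it flags a Reply-To or Return-Path on a different domain, reads the receiving server's SPF/DKIM/DMARC verdicts from the Authentication-Results header, and compares each link's visible text with where the link actually goes.

```python
import email
import email.policy
import re
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed phishing sample (every domain is a placeholder): brand in the display name,
# real domain hidden behind a "bankofamerica.com." subdomain, foreign Reply-To,
# failing SPF/DMARC, and a link whose visible text does not match its href.
RAW_PHISH = b"""\
Return-Path: <bounce@mail-alerts-example.net>
Authentication-Results: mx.example.org; spf=fail smtp.mailfrom=mail-alerts-example.net; dkim=none; dmarc=fail
From: "Bank of America Security" <alerts@bankofamerica.com.mail-alerts-example.net>
Reply-To: support@reply-collector-example.org
Subject: Security Alert: unusual sign-in detected
Content-Type: text/html; charset=utf-8

<p>We detected unusual activity. Verify your account now:</p>
<p><a href="http://mail-alerts-example.net/login">https://www.bankofamerica.com/secure-login</a></p>
"""

# Constructed legitimate sample for contrast: name, address, bounce path and link all line up.
RAW_LEGIT = b"""\
Return-Path: <bounce@example.com>
Authentication-Results: mx.example.org; spf=pass smtp.mailfrom=example.com; dkim=pass header.d=example.com; dmarc=pass
From: "Acme Support" <support@example.com>
Subject: Your ticket has been updated
Content-Type: text/html; charset=utf-8

<p>See <a href="https://www.example.com/tickets/42">www.example.com</a>.</p>
"""

COMMON_TLDS = {"com", "net", "org", "edu", "gov"}

def registrable_domain(host: str) -> str:
    """Last two DNS labels. Assumption: a real tool should use the Public Suffix List (co.uk etc.)."""
    return ".".join(host.lower().strip(".").split(".")[-2:])

def address_domain(header_value) -> str:
    """Domain part of the first address in a header value, '' if none."""
    _, addr = parseaddr(str(header_value or ""))
    return addr.rpartition("@")[2].lower()

def host_in_text(text: str) -> str:
    """Hostname if the visible link text itself looks like a URL or domain, else ''."""
    m = re.search(r"(?:https?://)?([a-z0-9-]+(?:\.[a-z0-9-]+)+)", text.lower())
    return m.group(1) if m else ""

def domain_findings(label: str, host: str) -> list:
    """Lookalike checks: a domain nested in a subdomain (brand.com.evil.net) and punycode labels."""
    out, labels = [], host.lower().strip(".").split(".")
    if host and any(l in COMMON_TLDS for l in labels[:-2]):
        out.append(f"{label}: '{host}' nests another domain inside a subdomain")
    if any(l.startswith("xn--") for l in labels):
        out.append(f"{label}: '{host}' uses punycode (possible homoglyph domain)")
    return out

class LinkExtractor(HTMLParser):
    # Collects (href, visible text) for every <a> in an HTML body.
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def check_message(raw: bytes) -> list:
    """Run the sender and link checks on one raw message; returns a list of findings."""
    msg = email.message_from_bytes(raw, policy=email.policy.default)
    from_domain = address_domain(msg.get("From"))
    findings = domain_findings("From", from_domain)
    # Replies or bounces routed to a domain other than the From domain.
    for hdr in ("Reply-To", "Return-Path"):
        d = address_domain(msg.get(hdr))
        if d and registrable_domain(d) != registrable_domain(from_domain):
            findings.append(f"{hdr} domain '{d}' differs from From domain '{from_domain}'")
    # Receiving server's SPF/DKIM/DMARC verdicts; 'none' means nothing to check, not a failure.
    auth = str(msg.get("Authentication-Results") or "").lower()
    for mech in ("spf", "dkim", "dmarc"):
        m = re.search(rf"\b{mech}=(\w+)", auth)
        if m and m.group(1) not in ("pass", "none"):
            findings.append(f"{mech.upper()} result is '{m.group(1)}'")
    # Content test: visible link text versus the real destination.
    body = msg.get_body(preferencelist=("html",))
    if body is not None:
        parser = LinkExtractor()
        parser.feed(body.get_content())
        for href, text in parser.links:
            href_host = (urlparse(href).hostname or "").lower()
            findings += domain_findings("Link", href_host)
            text_host = host_in_text(text)
            if text_host and registrable_domain(text_host) != registrable_domain(href_host):
                findings.append(f"Link text shows '{text_host}' but points to '{href_host}'")
    return findings
```

On the two samples, check_message(RAW_PHISH) returns five findings (a nested domain in the From address, a foreign Reply-To, SPF and DMARC failures, and a link whose text shows bankofamerica.com but points elsewhere), while check_message(RAW_LEGIT) returns an empty list. Two caveats a practitioner should keep in mind: a hijacked account passes every one of these checks, which is exactly why point 4 exists, and an Authentication-Results header is only trustworthy when your own receiving server added it, since an attacker can put one in the message themselves.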
For visual learners, let's take a look at a couple of real phishing emails (I covered up any personal info for security purposes).
Example #1: Appears to be a security alert from Bank of America. A security alert will get your attention. This one was crafted with detail and made to sound convincing. Going through the self-tests will help you determine how to handle it.
Example #2: Appears to be from a known sender:
An email from a familiar source feels legitimate. Further testing proves otherwise.
Phishing is one of the most common attack vectors. I made these examples look easy to spot, but phishing emails come in many varieties and from many sources. The simple takeaway is to develop a healthy suspicion of all your email. Don't get caught by email fatigue or a manufactured sense of urgency. It could cost you far more time and money than practicing a few self-tests before you click on the next email.
Pillar Technology Partners helps organizations clarify and optimize their cyber strategy. If you would like to talk to us to learn more about how to determine your security posture, we would love to connect with you. Please contact us by either filling out the form under contact us or emailing us at firstname.lastname@example.org