When Knowing How To Spot Phishing Attempts Isn’t Enough
Even with intensive training on how to spot phishing attacks, in the fast pace of the business day, many employees will inadvertently click on a link, open an attachment or share sensitive information in an email reply. That’s why, in addition to providing training on how to spot phishing attacks, it’s important to have automated anti-phishing solutions that protect employees from these dangerous threats.
Mimecast provides anti-phishing software as part of a comprehensive, SaaS-based service for email security, archiving, continuity and compliance. Mimecast’s technology automatically blocks malicious URLs and suspicious attachments, and identifies anomalies in email content, headers and domains that may signal a phishing or spear-phishing attempt.
Mimecast solutions are easy to use and can be quickly implemented as a cloud-based service; there is no hardware or software to purchase and no capital investment to make.
Learn more about how to spot phishing attacks and about Mimecast’s anti-phishing technology.
What Is An Infected Attachment
An infected attachment is a seemingly benign document that contains malware. In a typical example, like the one below, the phisher claims to be sending an invoice:
It doesn’t matter whether the recipient expects to receive an invoice from this person or not, because in most cases they won’t be sure what the message pertains to until they open the attachment.
When they open the attachment, they’ll see that the invoice isn’t intended for them, but it will be too late. The document unleashes malware on the victim’s computer, which could perform any number of nefarious activities.
We advise that you never open an attachment unless you are fully confident that the message is from a legitimate party. Even then, you should look out for anything suspicious in the attachment.
For example, if you receive a pop-up warning about the file’s legitimacy, or the application asks you to adjust your settings (such as enabling content or macros), then don’t proceed.
Contact the sender through an alternative means of communication and ask them to verify that it’s legitimate.
Grammar And Spelling Errors
One of the more common signs of a phishing email is bad spelling and incorrect grammar. Most businesses have the spell-check feature of their email client turned on for outbound emails, and most web browsers also offer autocorrect or spelling-highlight features. You would therefore expect emails originating from a professional source to be free of grammar and spelling errors.
How The Pros Do It
In earlier research, I found that when cybersecurity experts received a phishing email message, they, like most people, assumed the email was real. They initially took everything in the email at face value. They tried to figure out what the email was asking them to do, and how it related to things in their life.
As they read, they noticed small things that seemed off, or different from what would typically be in similar email messages. They noticed things like typos in a professional email, or the lack of typos from a busy executive. They noticed things like a bank providing account information in an email message instead of the standard notification that the recipient had a message waiting for them in the bank’s secure messaging system. They also noticed things like someone uncharacteristically emailing them without mentioning it in person first.
But noticing these signs isn’t enough to figure out the email is a fraud. Instead, the experts just became uncomfortable with the email message. It wasn’t until they saw something in the message that reminded them of phishing that they became suspicious. They would see an anomaly like a link that the email was trying to get them to click. In their minds, these are commonly associated with phishing emails.
Do Not Fall For The Urgency Messages
An urgent warning tries to frighten people into reacting without considering the consequences. The most effective phishing subject lines use psychological cues to get recipients to click, and people generally don’t like missing out on important and attention-catching messages. Attackers frequently prey on fear and urgency.
That is why so many scams demand that recipients respond quickly, before it is “too late”. Once the bait is taken, whatever link or attachment was accessed may already have infected the device.
The Message Contains A Mismatched Url
One of the first things I recommend checking in a suspicious email message is the integrity of any embedded URLs. Oftentimes the URL in a phishing message will appear to be perfectly valid. However, if you hover your mouse over the top of the URL, you should see the actual hyperlinked address. If the hyperlinked address is different from the address that is displayed, the message is probably fraudulent or malicious.
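The same hover check can be automated over an HTML email body. The Python script below is an added example, not code from the original article: it collects every link in the body and flags those whose visible text looks like a URL naming a different host than the real href. The sample body and its hosts are constructed placeholders.

```python
"""Added example: flag links whose visible text names one host while the
underlying href points to another (the hover-over-the-link check)."""
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample body; the hosts are placeholders, not real sites.
SAMPLE_HTML = """
<p>Your account needs attention. Please sign in within 24 hours.</p>
<a href="http://login.example.net/verify">https://www.bank.example/login</a>
<a href="https://www.bank.example/help">Help centre</a>
<a href="https://www.bank.example/statements">www.bank.example/statements</a>
"""
# Visible text that reads like a URL or a bare host/path (www.x.example/y).
URL_LIKE = re.compile(r"^(?:https?://)?[\w.-]+\.[a-z]{2,}(?:/\S*)?$", re.I)


class _AnchorCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element in the body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href", ""), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def host_of(value):
    """Lowercase host of a URL or bare host/path. urlparse discards a user@
    prefix, so 'https://bank.example@evil.example/' yields 'evil.example'."""
    if "://" not in value:
        value = "http://" + value
    return (urlparse(value).hostname or "").lower()


def mismatched_links(html):
    """Return [(href, text)] for links whose URL-like text names a host
    different from the href host; plain wording like 'Help centre' is skipped."""
    collector = _AnchorCollector()
    collector.feed(html)
    return [(href, text) for href, text in collector.links
            if URL_LIKE.match(text) and host_of(text) != host_of(href)]
```

Running `mismatched_links(SAMPLE_HTML)` flags only the first link, whose text shows the bank's host while the href goes elsewhere.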
What Happens If You Open A Phishing Email
Simply reading a phishing message is normally safe. The user must click a link or download a file to trigger malicious activity. Be cautious about all communications you receive, and remember that although phishing most commonly happens through email, it can also occur through phone calls, SMS and social media.
Simple Rules To Help Protect Yourself
Keep these four points in mind to better protect yourself against email fraud:
When you’re armed with knowledge, it’s harder for a scammer to trick you into providing confidential information via email. Want to learn more? Check out these five examples of common email scams.
The Message Creates A Sense Of Urgency
Scammers know that most of us procrastinate. We receive an email giving us important news, and we decide we’ll deal with it later.
But the longer you think about something, the more likely you are to notice things that don’t seem right.
Maybe you realise that the organisation doesn’t contact you by that email address, or you speak to a colleague and learn that they didn’t send you a document.
Even if you don’t get that a-ha moment, coming back to the message with a fresh set of eyes might help reveal its true nature.
That’s why so many scams request that you act now, or else it will be too late. This has been evident in every example we’ve used so far.
PayPal, Windows and Netflix all provide services that are regularly used, and any problems with those accounts could cause immediate inconveniences.
The business depends on you
The manufactured sense of urgency is equally effective in workplace scams.
Criminals know that we’re likely to drop everything if our boss emails us with a vital request, especially when other senior colleagues are supposedly waiting on us.
A typical example looks like this:
Phishing scams like this are particularly dangerous because, even if the recipient did suspect foul play, they might be too afraid to confront their boss.
After all, if they are wrong, they’re essentially implying that there was something unprofessional about the boss’s request.
How To Deal With Known Phishing Emails
It’s crucial to be on the lookout for phishing emails. If you see one in your inbox that hasn’t been automatically identified as spam, follow these steps to avoid becoming a phishing victim.
- Delete the email without opening it. Most malware is activated when you click a link or open an attachment in an email. However, certain email programs support scripting, making it possible to receive a virus just by opening a suspicious-looking email. It’s best not to open such messages at all.
- Block the sender’s email address manually. Use your email client’s manual block feature if it’s available. Make a note of the sender’s email domain and add it to your blacklist. This is especially useful if you share a mailbox with family members: someone else could come across a legitimate-looking email that isn’t in your spam box and do something you don’t want them to do.
- Add a second line of defence. There is no such thing as being overly cautious. Consider investing in antivirus software to help you keep an eye on your inbox.
Remember that the easiest way to deal with a phishing email is to quickly block or delete it. Any further steps you take to reduce your exposure to these attacks are a plus.
You can protect yourself with a few further actions in addition to recognizing and deleting the email.
How To Report Phishing
If you got a phishing email or text message, report it. The information you give can help fight the scammers.
Step 1. If you got a phishing email, forward it to the Anti-Phishing Working Group at .
If you got a phishing text message, forward it to SPAM .
Step 2. Report the phishing attack to the FTC at ReportFraud.ftc.gov.
Detect The Poorly Written Emails
One of the best ways to detect phishing attacks is to check for poor spelling and grammar in the email content. The goal of phishing is to appear genuine enough that individuals will click on the link and provide account information. A genuine organization’s email should be properly worded. In the example, although no particular word is misspelled, the statement contains several grammatical mistakes that a native speaker would not usually make.
Missing words within a sentence can also be spotted, for example “Someone may have accessed account” or “we have detected something unusual to use an application”. That is not to imply that every email containing a typo is a fraud. Everyone makes mistakes now and then, especially when in a rush. However, spelling and grammar errors tend to be telltale signs of phishing attempts.
What Should You Do If You Receive A Phishing Email
Suppose any aspect of the email is suspicious and falls under any of the common characteristics of a phishing email. In that case, the first thing to do is not to panic, and not to touch or click anything within the email. Responding to or interacting with the email may compromise the device’s security and data. Receiving a phishing email does not by itself indicate that the machine is infected with a virus or malware.
Whether an email is received from a stranger or a known service/firm, verify with the company to determine if the communication is genuine. Do not respond to the email. If it appears to be from someone known, create a new email message, text or call the person and ask whether they meant to send an email with said attachments or links. Again, do not click any links in the email.
If one gets a phishing email at a work address, recall the company policies that are in place regarding this. Depending on the organization’s IT security standards, an employee may be required to forward a phishing email to a specified address, fill out an online report, file a complaint or simply delete it. If one is unsure about the company’s policies, contact the IT security staff or the email service and provide them with the details.
Will UT Send Legitimate Emails That Look Like Phishing Scams
There will be times when legitimate messages must be sent to inform you of necessary changes to your accounts. These may include password expiration notices, account expiration notices, or information about account abuse.
It is very important to remember that OIT will never ask for your password in an email. Any NetID password change will always take place on the Account Management web page. If you are ever in doubt about the legitimacy of a potential phishing email, call the OIT Help Desk at 865-974-9900 or forward the email with its headers to .
Two Ways To All But Guarantee You Don’t Fall For Any Phishing Scam
Applying these two actions consistently will help protect you from online scams:
Don’t click. Use your own link. If you use a product or service from the company apparently sending you the message, don’t click. Instead, navigate to the website via a browser bookmark or search engine. If the email is legitimate, you will see the same information when you log into your account on the legitimate site. This is the ONLY way to guarantee you land on the legitimate site.
If you use the link or phone number in an email, IM, blog, forum, voicemail, etc., where you land is their choice, not yours. The website they take you to or the “bank manager” on the phone may be a convincing copy, but if you share your information it will be stolen and abused.
Use a browser filtering extension. There are browser extensions that grade search engine results based on known characteristics or behaviors and may even prevent you from navigating to malicious sites. Generally, sites are graded on a scale from safe to suspicious to high risk.
A Model That Can Help Inexperienced Users Identify Phishing Emails
Phishing attacks are cyber-attacks through which criminals trick users into sending them money and sensitive information, or into installing malware on their computer, by sending them deceptive emails or messages. As these attacks have become increasingly widespread, developers have been trying to develop more advanced tools to detect them and protect potential victims.
Researchers at Monash University and CSIRO’s Data61 in Australia have recently developed a machine learning-based approach that could help users to identify phishing emails, so that they don’t inadvertently install malware or send sensitive data to cyber-criminals. This model was introduced in a paper pre-published on arXiv and set to be presented at AsiaCCS 2022, a cyber-security conference.
“We have identified a gap in current phishing research, namely realizing that existing literature focuses on rigorous ‘black and white’ methods to classify whether something is a phishing email or not,” Tingmin Wu, one of the researchers who carried out the study, told TechXplore.
Researchers have recently tried to develop models that can automatically analyze emails in people’s inbox and detect phishing messages. Most of these methods, however, were found to only identify a limited number of patterns, thus missing many malicious emails.
Recipient Did Not Initiate The Conversation
Because phishing emails are unsolicited, an often-used hook is to inform the recipient he or she has won a prize, will qualify for a prize if they reply to the email, or will benefit from a discount by clicking on a link or opening an attachment. In cases where the recipient did not initiate the conversation by opting in to receive marketing material or newsletters, there is a high probability that the email is suspect.