What to know about Phishing practices
Unfortunately, phishing emails have become a common and dangerous practice, and we strongly advise you and your team to be cautious with any email you receive outside of the platform that uses ambiguous language or contains links.
Phishing emails – particularly socially engineered phishing emails – are often highly sophisticated and designed to evade detection. They are rarely sent from blacklisted IP addresses, and therefore pass real-time blackhole list (RBL) checks before being delivered to the recipient's inbox.
When a phishing email evades every technological control in place and arrives in a target's inbox, the only thing left to stop the attack from succeeding is the vigilance of the intended target.
Phishing prevention requires constant vigilance; these characteristics commonly found in phishing emails will help your teams stay safe.
1. Emails Demanding Immediate Action
Emails insisting on urgent action do so to fluster or distract the target. Usually this type of email threatens a negative consequence if the action is not taken, and targets are so keen to avoid the negative consequences that they fail to study the email for inconsistencies or indications it may be bogus.
2. Emails with Spelling Errors
Most companies now use spell-checking features in email clients or web browsers to ensure their corporate communications maintain a professional appearance. Emails purporting to come from a professional source that contain spelling mistakes or grammatical errors should be treated with suspicion.
3. Emails with Unusual Greetings
Emails from friends and colleagues usually start with an informal greeting. Messages addressed with "Dear XXXXX" or using language not typically used by your contacts are likely from an attacker and should not be responded to or acted upon. Instead, report them to your organization's IT security team as a phishing prevention measure.
4. Discrepancies in Email Addresses
As a part of email security best practices, randomly check senders' email addresses, especially if an email address from a regular contact appears unfamiliar. Comparing the sender's email address with previous emails from the same person can help identify inconsistencies.
5. Inconsistencies in Links and Domain Names
Malicious links can be disguised as legitimate ones. Encourage employees to hover over links in emails to see the actual address. If an email claims to be from a business contact but the address shown is unfamiliar, the email is likely a phishing attempt.
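A small defensive check for indicators 4 and 5, added here as an illustration rather than as part of the original guidance. It parses a constructed sample message, compares the sender's display name against a hypothetical allowlist of known contacts, and flags links whose visible URL points to a different host than the real href (all domains are made up).

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample: the display name looks like a known contact, but the
# address and the first link's real destination do not match what is shown.
SAMPLE_EMAIL = """From: "Alice Example" <alice@examp1e-mail.test>
To: bob@example.test
Subject: Urgent: log back in
Content-Type: text/html; charset=utf-8

<p>Please <a href="http://login.example-verify.test/x">https://portal.example.test/login</a> now.</p>
<p>Or use <a href="https://portal.example.test/help">the help page</a>.</p>
"""

# Hypothetical allowlist mapping known contact names to their real addresses.
KNOWN_CONTACTS = {"alice example": "alice@example.test"}

ANCHOR_RE = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)

def check_sender(msg):
    """Indicator 4: does the From address match the one we know for that name?"""
    name, addr = parseaddr(msg.get("From", ""))
    expected = KNOWN_CONTACTS.get(name.strip().lower())
    if expected and expected.lower() != addr.lower():
        return [f"sender mismatch: '{name}' expected {expected}, got {addr}"]
    return []

def check_links(html):
    """Indicator 5: visible URL text whose host differs from the real href host."""
    findings = []
    for href, text in ANCHOR_RE.findall(html):
        shown = re.sub(r"<[^>]+>", "", text).strip()
        if shown.lower().startswith(("http://", "https://", "www.")):
            shown_host = urlparse(shown if "://" in shown else "http://" + shown).hostname
            real_host = urlparse(href).hostname
            if shown_host != real_host:
                findings.append(f"link mismatch: shows {shown_host}, goes to {real_host}")
    return findings

def analyze(raw):
    """Run both checks over a raw RFC 822 message and return the list of findings."""
    msg = message_from_string(raw)
    html = msg.get_payload(decode=True).decode(msg.get_content_charset() or "utf-8")
    return check_sender(msg) + check_links(html)
```

Running `analyze(SAMPLE_EMAIL)` yields one sender finding and one link finding; the second anchor, whose visible text is not a URL, is not flagged.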
6. Be Wary of Suspicious Attachments
With file sharing primarily occurring via collaboration tools like Dropbox, OneDrive, or SharePoint, emails with attachments from colleagues should be viewed with suspicion. This is especially true if the attachment has an unfamiliar extension or one commonly used for malware (.zip, .exe, .scr, etc.).
7. Emails That Seem Too Good to Be True
Emails that seem too good to be true often entice recipients to click a link or open an attachment with promises of benefits. Even if the email uses social engineering to appeal to curiosity or greed, if the target did not initiate the contact, it should be flagged as suspicious immediately.
8. Emails Requesting Sensitive Information
Emails asking for login credentials, payment information, or other sensitive data should always be approached with caution. By following the anti-phishing best practices mentioned above, recipients can determine whether these emails pose a threat and handle them appropriately.
Here are some examples of phishing cases:
Email sent by the scammer:
Response sent by the scammer after some of the links in the previous email asked the victim to "log back in":
Another example from a scammer showing "a lot of interest" with a sense of urgency:
Phishing prevention requires constant vigilance. Educate your teams and enlist them in the fight against phish to measurably boost your company’s cybersecurity posture.