How to Spot Phishing Emails: 4 Tips
It’s a truth cybercriminals bank on. When we get an email from a person or organization we think we recognize, most of us open it without a second thought. So how can we spot a trick? See 4 quick ways…
And in the era of widespread phishing, that’s a huge mistake. By now, you’ve probably received warnings about phishing. How it’s far more sophisticated than it was in the old “Nigerian prince” days, and how even experts can be taken in.
The best way to know
Analysts say the best clues in recognizing today’s attacks—including highly targeted spearphishing and business email compromise endeavors—is to think clearly about what response the message is trying to elicit.
Some spotting tips:
1. Move your cursor. This is one tech-focused tip that works most of the time. If you receive an email from your mother but it seems odd or sketchy, roll your cursor over mom’s email address. If the email is a phishing attack, the sender’s actual address will appear.
2. Are you being rushed? Phishers seek to hurry victims into parting with info (or transferring funds) immediately, before they can think better of it. Any email that demands a response right this minute is suspect.
3. Are you being intimidated? Fear is another factor used often in phishing attacks. Messages often claim to be from the IRS, law enforcement, or some sort of collection agency, with bogus threats that you’re in some sort of trouble. Never respond to such messages. If they have any hint of validity to them (for example, if you are embroiled in a tax dispute), call the appropriate phone number.
4. Is the sender at a vastly different part of the company hierarchy? Business email compromise (BEC) scams may originate with a phony email, supposedly from your employer’s CFO or even CEO, urging you to handle a funds transfer. Always double-check such requests —in person or over the phone—before complying.
© National Security Institute, Inc. www.nsi.org
Recent SecuritySense Posts
- 4 Things Crooks Love to See In Your Social Media Profile
- FAQ: Security and the Cloud
- The Ransomware Perfect Storm
- Children More at Risk Online During Pandemic
- Going Back to the Office? You’re a Perfect Target for Phishers
- 5 Social Engineering Tactics Criminals Are Using
- April Scam Watch
- Top 4 Emotions Used in Social Engineering
- Security Is Critical to Pandemic Recovery
- Using Instagram Securely
Protect Yourself & Your Company From Cybercrime
Solution Overview
SecuritySense is a subscription-based content service that delivers you a consistent supply of fresh cybersecurity awareness content so you can easily maintain an ongoing cybersecurity brand awareness campaign
Unique Content Strategy
People pay attention to content they find personally relevant. SecuritySense doesn’t feel like you’re being given extra work to do. It’s a blend of personal and work-relevant cybersecurity tips, warnings, human interest stories, instructions, news and insights that everyone looks forward to receiving. More about our content strategy
The Secret to Creating Awareness
Brand marketers know if you want to create awareness you have to do two things. Steadily promote your message and make sure that message offers content that personally resonates with your audience. SecuritySense makes it easy for you to do both.
Compare Our Per Employee Cost
Compare our per employee annual cost with the $8.00 – $20.00 seat licenses you might pay for training platforms. It’s a no-brainer to add SecuritySense to your overall program.
See pricing