01 Nov 2017

Plentiful Warning Signs to Help You Avoid Phishing

0 Comment

With Black Friday around the corner, and the prevalence of cyber scams at an all-time high, don’t get gobbled up by phishing attempts this season! Since anyone in your organization can fall prey to these scams simply by downloading an email attachment or clicking a malicious hyperlink, it is important for everyone in your practice to know the warning signs of a phishing attempt.

Check out comprehensive phishing warning signs to watch out for in your email inbox, below!


1) Sender

Whenever you receive an email in your inbox, it is important to watch out for these warning signs related to the sender of an email: 

  • Frequency of Communication – The sender rarely communicates with you or this is the first time you’re receiving an email from them.
  • Relationship  You don’t know the sender, or it is strange for them to be contacting you (whether in context to the email or in general).
  • Organizational connection  The sender is not related to your organization or is emailing you about something unrelated to your job duties.
  • Sender domain –The sender’s domain contains typographical errors, or is a visual spoof of a legitimate domain such as “micorsoft-support.com” rather than “microsoft.com.”


2) Date/ Subject Line

It is also important to analyze the timing of emails you receive and the subject line. Be on the lookout for these warning signs related to an email’s timing or subject line: 

  • Date You usually receive this email during normal business hours, but it was sent at an abnormal time, such as 3 a.m.
  • Subject line – The email’s subject line doesn’t make sense in context with the email itself, or it’s a reply to something you never sent or requested. 


3) Content

Warning signs to look out for within the context of the email itself include:

  • Urgency – The email communicates some sense of urgency, such as asking you to click a link or open an attachment within a certain time frame to avoid a negative consequence, gain something of value, or protect yourself against a compromising or embarrassing picture of yourself for someone you know. 
  • Unusual Message – The email message is out of the ordinary, or there is something about it that seems odd or illogical. 
  • Bad grammar/typos – The body of the email includes many spelling or grammar errors. 


4) Links/Attachments

Finally, if the email contains any links or attachments, it is very important to completely verify they are safe before clicking. Be wary of links or attachments with the following warning signs: 

  • Hyperlinks – When you hover over the hyperlink and check the link address, it does not exactly match what the sender included in the email body. Or, the email is blank with long hyperlinks and no further information or context. Or, the email contains a hyperlink that has a misspelling of a well-known website (such as “Micorsoft”).
  • Attachments – The sender included an email attachment that you were not expecting or makes no sense in relation to the context. Or, the sender does not ordinarily send you these types of attachments. Or, the email includes an attachment with a possibly dangerous file type (the only file type that is always safe to click on is .TXT).

If you notice any of these warning signs in an email that you have received, do not click links, open attachments or reply. You are the main line of defense to protect your organization from phishing attacks, so it is a good rule of thumb to keep these warning signs top of mind when opening any emails in your inbox.