In the last few weeks I’ve noticed an increase in the number of phishing emails that I and our clients are getting. But what are these emails, and how do you protect yourself?
Phishing emails are one of the easiest attacks for scammers to carry out, and can be tricky to spot if you’re not very IT savvy. There are a few small things everyone can look for however that could help protect you and your information.
What are Phishing Emails?
Phishing emails are so named as the scammer is “fishing” for information. The scammer will send an email pretending to be someone or something they’re not, it might look like an email from a co-worker, or from Microsoft or Google.
The information they’re trying to get can range from log in details to credit card details. They’ll typically do this by linking you to a web landing page that requires you to enter your details. An example that I have seen is an email from a CEO/Director with an invoice link for immediate payment
Email To and From
One of the first things to check is the To and From part of the email. You may need to expand some information, however if you’re using Outlook it should look like this;
And in gmail, it will look like this;
You’ll want to check the sending email first, if it isn’t related to the company it should be from, it’s already looking suspicious.
Links in Emails
The next thing I always check is the links. If they point to the wrong place, no way am I clicking on it.
To check, you need to hover – don’t click! – over the button or text.
In Outlook the destination will show up in a little bubble like the below;
In web browsers such and Chrome and Firefox, hovering over a link will have the destination listed in the lower left corner;
Email Header
The final thing you can check if you’re still thinking it might be legitimate is the Email Header.
This is easy in Outlook. Open the email you’re querying, and select File in the top left corner;
Select Properties at the bottom of the list;
The Internet headers are at the bottom of the new window. You can copy the text into a header analyser from here, such as MX Toolbox Header Analyzer to run a scan.
Here’s the results of a scan I did of an obvious virus email;
Note that 4 of the paths the email took were on blacklists.
Unsure if it’s safe?
The best method to avoid these kinds of emails is having a spam filter installed and having a password manager.
If you’re still unsure, or would like to chat about spam filters or using our secure password manager, please contact us today. It’s always better to be safe than sorry!
