Identifying Phishing or Spoofing Mails
Let’s face it: phishing attacks are on the rise. Because every one of us makes use of emails. To communicate with our friends, colleagues, relatives and to setup various appointments. A recent study reveals that over half of the internet users get at least one phishing email per day. That’s a huge number considering there are over 3 billion internet users across the globe.
It’s being widely acknowledged that no matter how many security tools enterprises may employ, phishing attacks will continue reaching our inboxes. It is also being acknowledged that most of those messages will succeed in their objective of deceiving unsuspecting internet users. Because, well, as a recent study indicates nearly 97% of people around the globe cannot identify a sophisticated phishing attack.
Therefore the need of the hour is to educate internet users on how to identify phishing mails; creating the necessary awareness needed to make internet users street-smart enough so that they don’t fall for such attacks. Here are 5 tips which can help you can identify phishing mails.
1. Don’t Trust The Display Name: Cyberattackers often successfully spoof the display name of emails in order to deceive users. Therefore users should be trained to change their mail settings such that the domain name remains visible always. This way, they’ll be able to recognize phishing mails easily when there’s a mismatch between the display name and domain name.
2. Don’t Click If You’re Feeling Suspicious: Phishing attacks via malicious or misleading links are frequent. So internet users should be taught to think twice before clicking any link if they think the link or the sender of the mail seems suspicious. Another alternative is to copy/paste the link rather than clicking it to avoid phishing attack.
3. Too Many Typos – A Bad Sign: Enterprises are usually serious about their public image. Therefore their mails typically won’t contain too many spelling mistakes. For example, your ‘bank’ will be conscious enough to avoid making a drastic mistake like mistyping ‘bankkk’ for ‘bank’. So too many typos is another sign that the mail is a phishing mail.
4. Genuine Mails Never Ask for Personal Information: Another tell-tale sign that you’ve just received a phishing mail is that if it requests for your personal information like bank account number, social security number etc., Because would never request you to part with such sensitive information over mails. A point users should make note of.
5. Don’t Click On Unexpected Attachments: Another common phishing tactic often employed is to include malicious attachments in mails which when downloaded by users will end up affecting their machines. So don’t just open any email attachment – especially if you weren’t expecting it.
Cyber attacks come in various shapes and sizes. And phishing mails is one of the oldest forms of cyber attacks. And considering the rate at which it has been steadily increasing, it’s a clear indication that they are not going to subside any sooner. So beware of phishing mails by exercising the right kind of online discretion needed to counter these attacks.
Kevin Jones951 Posts
Kevin Jones, Ph.D., is a research associate and a Cyber Security Author with experience in Penetration Testing, Vulnerability Assessments, Monitoring solutions, Surveillance and Offensive technologies etc. Currently, he is a freelance writer on latest security news and other happenings. He has authored numerous articles and exploits which can be found on popular sites like hackercombat.com and others.