HOW TO: Recognize Phishing Email Red Flags


A new email just appeared in your Inbox – at first glance, it seems like something you should handle immediately. But should you really? Most ransomware and phishing attacks can be stopped by carefully considering the elements of your emails before you take any action. Here are the steps you should take with every email to ensure you won’t get caught in a phishing scam.


Photo credit: https://pixabay.com/illustrations/scam-phishing-fraud-email-attack-3933004/

Step 1 – Pay Attention to the Sender

  • Is this someone you know personally, from an email address you’ve communicated with in the past?
  • Is this someone from inside your organization?
  • Is this someone from outside the organization that you have an existing business relationship with?

If the answer to any of these questions is NO, be wary of any sender:

  • From outside the organization, and the email is out of the ordinary.
  • From outside the organization, and the email is not related to your typical job duties.
  • From a sender that you don’t know personally who has not been referred to you by someone you trust.
  • From anyone you don’t normally communicate with.
  • From anyone seemingly within your organization, but the content of the email seems strange or out of character.

Step 2 – Pay Attention to the Recipients

  • If the recipient list includes an unusual or random group of people, or people you don’t know, proceed with caution.

Step 3 – Pay Attention to the Date and Time Stamp

  • Does the email seem typical, but was sent at an unusual time, like in the middle of the night?

Step 4 – Pay Attention to the Subject Line

  • Is the subject line unusual, irrelevant, or disconnected from the email’s content?
  • Is the email seemingly a reply to a message you never sent?

Step 5 – Pay Attention to Hyperlinks

  • Does the displayed hyperlink match what appears as the link-to address when you hover your cursor over the hyperlink?
  • Is the email blank except for a hyperlink?
  • Does the hyperlink include a misspelling of a known or trusted website?
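
The three hyperlink questions above can also be checked automatically on the mail gateway or in a triage script. The following is an added example, not part of the original article: the trusted-host list, the 0.85 similarity threshold, the flag names and the sample message are all constructed assumptions.

```python
from difflib import SequenceMatcher
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: hosts the reader's organization trusts (constructed sample list).
TRUSTED_HOSTS = {"example.com", "paypal.com"}

def host_of(text):
    """Hostname (lowercase, no 'www.') if text looks like a URL or domain, else None."""
    text = text.strip()
    if not text or " " in text or "." not in text:
        return None
    host = urlparse(text if "://" in text else "http://" + text).hostname or ""
    return host.lower().removeprefix("www.") or None

class LinkCollector(HTMLParser):
    """Collect (href, visible text) per <a>, plus any text outside links."""
    def __init__(self):
        super().__init__()
        self.links, self.outside, self._href, self._text = [], [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        (self.outside if self._href is None else self._text).append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def link_red_flags(html_body):
    """Return (href, flag) findings for the three Step 5 questions."""
    collector = LinkCollector()
    collector.feed(html_body)
    collector.close()
    findings = []
    for href, shown in collector.links:
        target, displayed = host_of(href), host_of(shown)
        if target and displayed and target != displayed:
            findings.append((href, "displayed-host-mismatch"))
        if target and target not in TRUSTED_HOSTS:
            for good in sorted(TRUSTED_HOSTS):
                # Assumed threshold: near-identical spelling of a trusted host.
                if SequenceMatcher(None, target, good).ratio() >= 0.85:
                    findings.append((href, "lookalike-of-" + good))
    if collector.links and not "".join(collector.outside).strip():
        findings.append((collector.links[0][0], "link-only-body"))
    return findings

# Constructed sample body, not taken from a real message.
SAMPLE = '<p>Verify your account:</p><a href="http://paypa1.com/login">https://www.paypal.com/login</a>'
```

A finding is a reason to look closer, not a verdict: link text such as “Click here” produces no mismatch flag, so the hover check in the first bullet still applies.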

Step 6 – Pay Attention to Attachments

  • Were you expecting these attachments?
  • Do the attachments make sense in the context of the email content?
  • If the sender is familiar, does this person typically send this kind of attachment?
  • Could the file type be harmful? A .txt file is the only kind of attachment that is always safe to click on.

Step 7 – Pay Attention to Content

  • Is the content unusual?
  • Does it contain bad grammar or spelling errors?
  • Is the tone of the email urgent? (“Act now or this consequence will happen.”)
  • Is the email asking you to open an attachment or click on a hyperlink that seems weird or out of the ordinary?

Step 8 – Pay Attention to Your Instincts

  • If you have a bad feeling about ANY aspect of the email, don’t open any attachments or click on any links.

Simply taking the time to notice every aspect of the emails you receive can prevent you or your company from becoming victims of a phishing or ransomware attack. For more information, or to chat about cybersecurity solutions, contact us today to set up a discovery meeting.