How To Identify Phishing Emails – Tips For Small Business
by TUCU Managed IT Services in Toronto
The internet is a bit like the wild west, except instead of train and bank robbers we now have hackers who attempt to steal your information. The most popular way for these attackers to get control of your systems and your company's information is through a method called “phishing”. These emails are designed to trick the user into thinking they must give out money, download a file, visit a website, or even give out their password. Today we give you tips on how to identify phishing emails. Review this post with your entire team. Everyone needs some cyber threat awareness and training.
First, the most important thing to remember when trying to spot a phishing attack is this: no company will ever ask you for your password or information through an e-mail without being prompted first.
A common phishing e-mail may look something like this:
Note: The link in the body may appear as a word - simply hover your mouse over it to see the URL.
There may be more images in the e-mail, and a lot of them will look professional, but they are not real.
Can you spot the mistakes in the above sample phishing email?
5 Tips to Recognize a Phishing Email
1: The message contains a mismatched URL
One of the first things I recommend checking in a suspicious email message is the integrity of any embedded URLs. Oftentimes the URL in a phishing message will appear to be perfectly valid. However, if you hover your mouse over the top of the URL, you should see the actual hyperlinked address (at least in Outlook). If the hyperlinked address is different from the address that is displayed, the message is probably fraudulent or malicious.
2: URLs contain a misleading domain name
People who launch phishing scams often depend on their victims not knowing how the DNS naming structure for domains works. The last part of a domain name is the most telling. For example, the domain name help.tucu.ca would be a child domain of tucu.ca because tucu.ca appears at the end of the full domain name (on the right-hand side). Conversely, tucu.ca.maliciouslink.com would clearly not have originated from tucu.ca because the reference to tucu.ca is on the left side of the domain name.
3: The message contains poor spelling and grammar
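Whenever a large company sends out a message on behalf of the company as a whole, the message is usually reviewed for spelling, grammar, and legality, among other things. A message full of spelling or grammar mistakes is therefore unlikely to have come from such a company.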
4: The message asks for personal information
No matter how official an email message might look, it's always a bad sign if the message asks for personal information. Your bank doesn't need you to send it your account number. It already knows what that is. Similarly, a reputable company should never send an email asking for your password, credit card number, or the answer to a security question.
5: You didn't initiate the action
Many phishing attempts claim that you need to reset your password, or simply ask you to give your password to them. Reputable companies will never ask for your password or any other personal information via email, as they already have it.
Mistakes in this sample e-mail:
- The domain is micros0ft.com while the official domain is Microsoft.com - the o in soft is a zero in the fake domain
- Microsoft and any other company will never ask you for your personal information via email
- The link does not go to Microsoft.com, it leads to the fake address where they steal your password - (visible in the training PDF version of this file)
What To Do If You Get A Phishing Email
If you do receive a suspicious e-mail, please take a screenshot of the e-mail (do not forward the email) with the following information and send it to your IT provider.
- Sender Address
- To Address
- Date/Time received or sent
NEVER forward a phishing email.
NEVER click on any of the links, download any files, or try to reply to these e-mails. If you do, please contact your IT support company immediately.
Trusted IT Support In Toronto: TUCU has been providing IT support and IT Security Services for small business since 2003. We don't sell equipment or blocks of hours. We help you implement and uphold best practices to protect your business. Give us a call to discover how we will help you.