Smoothwall's top tips for spotting phishing emails
It’s the new year and undoubtedly you’ll be receiving an abundance of emails from different businesses all promoting their best offers and deals for January. It’s no wonder that at this time of year there tends to be a rise of phishing scams, with fraudsters quick to take the opportunity to scam victims and reep the rewards.
As cyber criminals get smarter and savier, their skills are becoming much more sophisticated. Able to camouflage their emails as a legitimate form of communication, cyber criminals frequently convince victims to reveal personal information such as bank details, or even download malicious malware. Fraudsters are now creating genuine looking emails from companies that have a high level of trust amongst consumers, such as Amazon, Debenhams and Apple. Upon first glance the emails can look very convincing, however, not everything is always as it seems.
How to spot fake emails:
Unfortunately, there’s no single technique that applies to every case of phishing, but these are our top tips for spotting fraudulent scams to ensure you don’t get caught out!
- The sender’s email address doesn’t match the trusted organisation’s web address
- There’s a lack of contact details on the email signature - legitimate businesses will always provide contact details within the email footer
- A suspicious display name that doesn’t match the email address
- The email isn’t personal and uses a generic greeting like ‘dear customer’ as opposed to your name
- The email contains multiple spelling and grammatical errors
- The entire text of the email is contained within an image rather than plain text
- You didn’t initiate the action - a common phishing email may inform you that you have won the lottery when you haven’t bought a ticket
- The email asks for personal credentials - legitimate companies including banks will never request for such details via email
- The email indicates urgent action is required
What to do if you suspect a phishing scam:
- Do not open the message if it looks remotely suspicious
- Check the website is legit by hovering your mouse over the link but NOT clicking - if it’s a scam, the link will be different to the written text and won’t be for the trusted organisation. Links usually lead to malicious software via .exe files.
- Never open an email attachment if you weren't expecting to receive it.
- Never supply personal information
- Never reply to the email or contact the senders
- Always contact the company prior to taking action to make sure the email is legitimate - search for the contact details online, don’t use the contact details provided in the email
- Remember, always report the email to Actionfraud
If you think you may have compromised the safety of your bank details and/or have lost money due to fraudulent misuse, you should immediately contact your bank. Have you being a victim of of phishing scam? Let us know by commenting below.