With the dramatic expansion of online transaztions, there is an uprise in phishing emails. What to do about them? Organize your department and company enforcing prevention of cybersecurity threats.
Scammers manage to communicate with you sending email from fake URL (website address). They usually offer something to you, discount at for the bank account plan, promotion or sends a fearful message that your password need be changed. They can find also other reasons that your acocunt needs updates.
Note that organizations do not send you email about updating your account. Or requesting your personal data. Organizations send you a confirmation email only after some action from you. For example, you’ve registered for a newsletter, or in a community. Or you’ve applied for a new credit card, or purhcased an item.
Phishing emails. What to do about them?
Firstly, do not open emails from people you don’t know.
Secondly, let’s see how to identify phishing emails, what to do next.
Perhaps you know the name in your inbox.
1. Examine the sender’s name
Examine the email right from seeing it in your inbox. And do not open it.
Hover your mouse over the sender’s name. If there is not a discrepancy between the name and the designated username, it might be a legitimate email. The designated username are all characters before the “@” in the email address.
2. Verify username and email address
In the example below you see the discrepancy
Consequently, the email address and the corresponding Name spelled before ‘@’ in the email address of EL Royale Casino email do not present similarities. Then, do not open.
However, If the email shows very little differences, for instance:
<Mary Brown> m.brown@outlook.com, or it shows a perfect match, and you know the person, the email is valid.
So, let’s do more checks to be absolutely sure it is a valid email.
For example the sender is
Name of Recognized Vendor nameofrecognizedvendor@recognizedvendor.com
3. Detect phishing email address alteration
Further, re-read the sender’s email address. Ensure there are no letters missing. Attackers can fake it just by changing a one character with a very similar one. Or they exclude a letter. For example you could see:
paypl.com
c1bc.com
Read slowly.
4. Identify inconsistencies: subject line and email body
Then, always check again without opening the phishing email. Is the subject line in sync with the initial words you see from the body text. For instance, the subject states “Notification of your package.” The first words you see in the email body are “Hurry, don’t miss” This is a red flag. Don’t open it.
Sometimes, only the mere opening of a message sends malware to your entire computer. Due to fact that phishing emails exist on one huge hyperlink. Which it carries the malicious code. You don’t really see the link before opening. Then, you see that it looks like a regular email if opened.
In addition, if everything looks good. And you verified everything from the “outside,” open the email. Check the wording, spelling, and the content. Beware of any buttons, links, images. Hover your mouse over every button, link, image or attachment. Analyze each item by hovering your mouse.
Once spotted, at least select and mark it as “Spam.”
Still not sure if it’s a phishing email & what to do? Contact the specific institution by phone or in person visit them. It could be a regular place, such as a bank branch. Confirm with them particularly about the email. If necessary print out a hard copy.
Have fun with all what you’ve learned. Take the phishing emails quizz. [HINT: withgoogle.com is a valid Google website]
And a helpful link from CRA, Canada Revenue Agency how to recognize phishing emails what to do about fraudulent messages.
To protect more from phishing emails what to do when you receive them iQWeb specialists are here to help.