Phishing attacks are commonplace for both individuals and businesses. These schemes try to gain access to vital information to get into a corporate network or obtain money. Although there are many types of phishing, the most common way to carry out these scams is through e-mail.
E-mails containing an attachment loaded with malware ask you to click on a link. Once you click on the link, you will be directed to a compromised website. The malware then reads vital information from your system, such as usernames, passwords and other important data.
Phishing attacks are sophisticated, and it is easy to fall prey to an e-mail threat. You can always check the e-mail information online to see if others are receiving the same e-mail, which will help identify the scam. However, there are signs that the e-mail you received is a scam and should be deleted immediately.
Some extensions are automatically used in malware schemes, which include zip, exe, or SCR. If an e-mail comes with an attachment, you shouldn’t open it if it’s from an unfamiliar source.
Grammar and spelling errors
Check the spelling, grammar and general vocabulary of a questionable e-mail. Today’s businesses have spell-checking features in their computer systems. So, before sending an e-mail, the person uses automatic correction to fix the mistakes. If you see many mistakes, it indicates that the person does not have a spell checker or a good knowledge of the English language.
Warnings or a sense of urgency
Another common tactic is to threaten you. The scammer may demand that you take immediate action to avoid legal problems. The e-mail may indicate that legal action or criminal proceedings will be taken against you. The scammer creates a false sense of urgency to raise your anxiety so that you ignore all the warning signs in the e-mail and focus on the threatening aspects.
Very Little Information
Some phishing scams are very sparse, with information to keep the e-mail short and sweet. If the title says something like “attached is the information you requested,” beware. Unless you requested information, it’s all a trick to lure you into reading more.
Requesting Personal Data
Some scammers have a very sophisticated approach. They create fake landing pages that give the impression of being official. You will be redirected to a screen to solve a problem. Usually, it is an outstanding balance. No matter how official the e-mail looks, avoid giving them your information.
Language or Tone is not correct
Many e-mails are written by people whose English could be better. Nuances in words are, therefore a red flag. Another thing to notice is the greeting. The e-mail may look like it is from a friend, but would your friend start the e-mail with the salutation “Dear”? You can easily spot if something is wrong.
The E-mail was not expected
These e-mails have nothing to do with what you expected. If you have won a prize or have an outstanding debt, there are other ways to contact you. A debt collector may send an e-mail, but this is usually after talking to you on the phone. If you are not expecting anything, delete the message.
Headers indicate that you have won something
It’s not uncommon for e-mails to contain a catchy phrase indicating that you’ve won a prize or that a discount is waiting for you inside. If you click the link and open the attachment, you will only install malware on your computer. A reputable company will not inform you of such gains through a generic e-mail.
Inconsistencies and mismatches
Scammers do not spend much time or effort on potential phishing attacks. It is common to find errors in domain names, links and e-mail addresses. For example, it appears that you have received an e-mail from PayPal regarding a negative account.
However, when you click on the link to fix the problem, you notice that you are not directed to the PayPal site but to an unknown domain. Please do not click on these links, as they are malware.
If the e-mail asks you to do something out of the ordinary, this is a red flag that it is probably malware. For example, you may be asked to install virus protection that you do not yet have, to update Windows or to install a patch on your PC. Some go so far as to claim that they are from big companies like Microsoft and that they have noticed problems on your computer. Do not follow their instructions, as they will have access to your PC.
You should warn your colleagues and management if you receive an e-mail pretending to be from the company. Organisations should be aware of such threats. As an individual, you should ignore the e-mail and delete it. You can do little to prevent being targeted by these malicious e-mail attacks, but you can avoid falling prey to a scam by being wise and identifying the red flags.
These tips will save you trouble when you check your e-mail.
You can also read our guide to protecting your digital documents.