
HOW TO SPOT A PHISHING EMAIL

PHISHING
A type of social engineering attack that uses fraudulent communications to trick the recipient into revealing sensitive information, such as passwords, account information, and other details.

Attackers will often misuse the name, branding, or background of a trusted individual or company to make the communication seem authentic. The contents of the message are usually carefully tailored to seem either enticing or alarming, to pressure the recipient into complying.

Some phishing attacks direct the recipient to a carefully crafted website where any details they enter are subsequently stolen; others direct the user to transfer money or perform other actions in the belief that they are performing a legitimate task.

Before you open your inbox, consider the following:

  1. The bad guys will try their utmost to deceive you into thinking that their emails are real. Beware of messages that use urgency and emotion to trick you.
  2. If ever in doubt, contact the sender directly and confirm the information in the email.
  3. Think twice before opening any link or attachment.
  4. If you didn’t expect an email, be extremely cautious and consider the mail to be fraudulent.

Let’s look at the components of an email

The FROM field:

The sender’s email address. Beware: this address can be spoofed.

SPOOFING
The act of falsifying characteristics or data, usually to conduct malicious activity.
For example, if a header on a spam email message is modified with a false sender address to hide the actual sender, it is said to be ‘spoofed’.

Make sure the email address in the FROM field is as expected. Check for misspelled words. For example, info@example.co.za is not the same as info@example.com.

LINKS:

Always check that a link points to the correct webpage before opening it. On a desktop PC, hover over the link; on a mobile device, ‘tap and hold’ to reveal the link location or website.

LINK
A navigational HTML element on a webpage that can be clicked to lead the user directly to another specified element, either on the same webpage or another.

Hyperlinks (links for short) are usually specially coded words, text strings, or images. Links can be a security concern if they are deliberately set to lead an unsuspecting user to a harmful webpage.

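The nefarious link will often leverage a subtle change to a known URL to trick users, such as https://login.yahoo.com.abc.com/ instead of https://login.yahoo.com/, or https://faceb00k.com instead of https://facebook.com. In the first example the site being visited is abc.com; login.yahoo.com is only the front part of the hostname. In the second, the letter "o" has been replaced with the digit "0".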
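
The two URL tricks above can be checked mechanically. The following Python code is an added example, not part of the original post: it compares a link's hostname against a list of trusted domains. The TRUSTED list, the SWAPS table and the function name check_link are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumption: domains the reader actually expects links to point to.
TRUSTED = ("yahoo.com", "facebook.com")

# Constructed, non-exhaustive table of digit-for-letter swaps.
SWAPS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def check_link(url, trusted=TRUSTED):
    """Return (verdict, reason) for one link taken from an email."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    if not host:
        return ("unknown", "no hostname found in link")

    # Genuine: host is a trusted domain or a subdomain of it.
    for dom in trusted:
        if host == dom or host.endswith("." + dom):
            return ("ok", f"{host} belongs to {dom}")

    # Trick 1: trusted name is present but is not the end of the
    # hostname, e.g. login.yahoo.com.abc.com really belongs to abc.com.
    for dom in trusted:
        if host.startswith(dom + ".") or f".{dom}." in host:
            return ("suspicious", f"{dom} appears only as a prefix of {host}")

    # Trick 2: hostname matches a trusted domain once swapped
    # characters are undone, e.g. faceb00k.com -> facebook.com.
    undone = host.translate(SWAPS)
    for dom in trusted:
        if undone == dom or undone.endswith("." + dom):
            return ("suspicious", f"{host} imitates {dom}")

    return ("unknown", f"{host} is not on the trusted list")


if __name__ == "__main__":
    # The four URLs used as examples in the text above.
    for link in ("https://login.yahoo.com/",
                 "https://login.yahoo.com.abc.com/",
                 "https://facebook.com",
                 "https://faceb00k.com"):
        print(link, "->", check_link(link))
```

A verdict of "unknown" only means the host is not on the trusted list; it does not mean the link is safe.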

ATTACHMENTS:

Never click on attachments from senders that you don’t recognize. Moreover, don’t open any attachments that you are not expecting to receive. Be wary of attachments with double file extensions; for example, filename.pdf.gz is not a PDF file.

References / inspiration:

https://www.f-secure.com/v-descs/guides/terminology.shtml

https://blog.f-secure.com/phishing-is-here-to-stay/