B.I.S.S Research White Papers

10 Ways to spot a Phishing Email

Marc Briggs

Think for the future - failing to prepare for an event where business operations are disrupted could have a severe impact on revenue and reputation. With a workplace recovery solution, you can minimise the risk of unexpected downtime.
There’s a good reason phishing scams are increasing: they’re successful enough for cyber criminals to make massive profits from them. While that remains true, they’ll never disappear. Fortunately, there are ways to avoid becoming a victim.

Here is a very simple Top 10 list to help you spot Phishing Emails:

1) Don’t trust the display name

Just because the email says it’s coming from the name of a person you trust or know doesn’t mean that it is. Check the sender’s email address and confirm the true sender.

2) Think before you click

Hover over links that you are unsure of before you click on them. Do they direct you to where they are supposed to go? If the text looks suspicious or doesn’t match then do not click on it!

3) Check for Grammar & Spelling Issues

Attackers sometimes overlook the ‘quality’ of the content in their emails. Check to see if the message is grammatically correct.

4) Look at the salutation

Is it a vague message? Is the message addressed to “Valued Customer” or “Dear [Insert Title]”?

5) Never give out personal information

Legitimate organisations will never ask for your personal information in an email – when in doubt go to the website directly.

6) Beware of urgency

Phishing emails try to make it sound like there’s some sort of emergency happening (for example, the boss needs £10,000 transferring now or else a supplier is going to cut you off). Or, my personal favorite: the Nigerian astronaut stuck in space who needs your help! https://www.telegraph.co.uk/news/newstopics/howaboutthat/12160621/Nigerian-astronaut-lost-in-space-email-419-scam-sweeps-the-internet.html

7) Check the email signature

Most legitimate senders use a signature block at the end of their messages. Check this to see if it matches up with whoever sent the email.

8) Be careful with attachments

Attackers will try to hide malicious code in attachments that aren’t what they say they are. It’s very easy to create a fake icon for Word, Excel or even a PDF. If you open the attachment you could be in a world of trouble.

9) Don’t be too trusting

If something seems slightly off, it is better to be safe than sorry. Is this message really worth it?

10) When in doubt contact the person/website directly

If possible, pick up the phone or visit the website of the organisation directly. It’s better to inconvenience yourself than to put yourself at risk.
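
The checks in tips 1, 2 and 4 (display name versus real sender, link text versus real destination, vague salutation) can also be run automatically when triaging reported emails. The Python below is an added example, not part of the original article; the sample message, its names and domains are constructed, and the function names are illustrative.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample message: every name and domain here is made up.
SAMPLE = '''From: "Accounts accounts@example.com" <billing@mailer.example.net>
Content-Type: text/html

<p>Dear Valued Customer,</p>
<a href="http://pay.example.net/login">https://www.example.com/login</a>'''

class LinkCollector(HTMLParser):  # gathers (href, visible text) per <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host(url):  # hostname of a URL or bare domain, lower-cased, no "www."
    h = urlparse(url if "//" in url else "//" + url).hostname or ""
    return h.lower().removeprefix("www.")

def phishing_indicators(raw):
    msg = message_from_string(raw, policy=policy.default)
    findings = []
    name, addr = parseaddr(str(msg.get("From", "")))  # tip 1: name vs sender
    shown = re.search(r"[\w.+-]+@([\w.-]+)", name)
    if shown and shown.group(1).lower() != addr.rpartition("@")[2].lower():
        findings.append(f"display name shows {shown.group(0)}, real sender is {addr}")
    part = msg.get_body(preferencelist=("html", "plain"))
    body = part.get_content() if part else ""
    # Tip 2: link text looks like a URL but the href goes to another host.
    links = LinkCollector()
    links.feed(body)
    for href, text in links.links:
        if re.match(r"(https?://|www\.)\S+$", text) and host(text) != host(href):
            findings.append(f"link text {text} points to {host(href)}")
    if re.search(r"valued customer|dear \[", body, re.I):  # tip 4: salutation
        findings.append("generic salutation")
    return findings
```

A link whose visible text is not itself a URL (for example "Click here") is not flagged by this check, so hovering over it as described in tip 2 still applies.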

Remember there is no single fool-proof way to avoid phishing attacks. 
