Scam email warning signs

By Suzie Cowling|6th November 2017

IT security ransomware contracts

It is now more important than ever to take cyber security extremely seriously in order to prevent an attack. As cybercriminals up their game and catch even the most vigilant of individuals via various spoofed emails, take a look at these scam email warning signs, which you and your employees should be looking out for

1.Who is it from?
The intelligence of today’s cybercriminals is unfortunately proving to work and is catching us out. Some emails now appear to be from someone you already know – an existing contact, but actually, they are an intelligent spoof. This is a very common way these criminals tempt us to click into the malicious email. Hackers do know that we are more inclined to click on emails if they are from somebody who we trust, and will use almost exact fake email addresses. Below is a quick made up example of how similar these may be:

Real: [email protected]
Fake: [email protected]

Spot the difference? The ‘walliscargo’ is simply missing one ‘l’. If you’re checking emails quickly, it’s highly likely that you wouldn’t even notice this tiny difference.

2. Check the subject for..
A sense of urgency. Hackers use scare tactics to get you to bite the bate with ‘change your password now’, ‘you’re late with your payment’ or ‘you’ve been charged £34.21’. Do not fall victim to this. Think logically – you know if you’re late on a payment, and you can check your bank account for any deductions. Don’t rush and click through the email and if you do by accident, don’t be tempted to follow any links, download any attachments or send any of your personal details to the sender.

3. And then comes the content….
What does the email require you to do? Be vigilantly aware of anything asking you to urgently update details, claim a tax rebate or send your bank details. Hackers will try anything to get you to click through. Don’t trust it unless you are absolutely 100% sure it is safe. Another obvious, tell-tale sign is grammatically incorrect copy. This is particularly notable when the email is claiming to be from large organisations, such as your bank. The subject line may read something like:

Mr Bloggs, Important! Changes To Your Banking Terms and Conditions and Charges and our Banking made-easy brochure!!

Note that the example above includes unnecessary capital letters, extra exclamation marks and randomly placed commas.

4. When was it sent?
By checking the time of when an email was sent, you can potentially identify hazards. For example, you get an email from your manager at 3.45am. Is this normal? Would you usually receive emails at this time from them? If not, don’t click.

It is also worth remembering that time also goes for the time of year. Around holiday seasons, and at the end of the tax year, cyber criminals are working overtime as more financial information is being shared on line and on line transactions are typically a lot higher.

5. Who is it addressed to?
A lot of the time, hackers will send many phishing emails to many recipients at one time. If you’re copied into a strange email, or don’t know who any of the recipients are, this should be a warning sign to not click on anything.

6. Check the hyperlinks BEFORE you click
If everything looks legitimate in the email, still don’t be fooled. Be even more vigilant by hovering over the hyperlink and checking the destination URL. If it doesn’t match what the description in the email is referring to, DO NOT click on it. If it is completely random, DO NOT click on it. Ensure that you are 100% safe to click before you do. If it is appearing to be from a colleague, or existing contact, contact the sender directly via phone to confirm  whether or not they sent the email.

7. Attachments
Next, we move onto attachments. While they may seem harmless, some can contain malicious variations of malware. Generally, if you are not expecting an attachment, don’t open it as may be fraudulent. Another sign to look out for is the file type. Duplicate file types at the end of the file name is a strong indication that the file is compromised, for example “docx.docx”, as well as the well-known exe files that are common threat vouchers for email.

8. Will it delete?
And finally, will the email delete from your inbox? If you swipe right to delete the mail and your phone displays a message like: unable to move message to the mailbox trash, this is a sign that the email is a scam. Depending on your device, contact the manufacturer for assistance with deleting unwanted email.

Content provided by our partner, Inty