Phishing emails are a particularly nasty form of spamming as they attempt to trick you into believing that the email comes from a trusted person or organization to make you hand over personal information.
We have compiled a list of guidelines to assist you in identifying these types of emails.
- Stop phishing emails from reaching inboxes: You can do this by using anti-phishing software. You can find many of these available to purchase with many different options like tackling zero-day flaws, identifying and neutralizing malware attachments, spotting man-in-the-middle attacks, detecting spear phishing emails, solutions that are specialized for handling cloud-based email communications or other options. All of these are created specifically to prevent phishing emails from being sent to you.
- Educate end users to spot phishing: Train users, staff, etc on how to identify fraudulent emails but also provide specific guidance on how to handle suspect communications. Provide guidelines on how to spot suspect emails based on commonly observed historical patterns and also a set of best practices to avoid falling victim to emails that do manage to make it to inboxes.
- Watch for questionable grammar and spelling: Any email that includes poor grammar, punctuation or shows an illogical flow of content is likely written by cybercriminals.
- Requests for personal information: You will never be asked for personal details by an official body over email Hence, any emails messages asking you to share personal details should be marked as suspected spam.
- Email content that includes lots of warnings and looks to have been devised to instill a sense of urgency with the intent of driving the user to take immediate action should also be flagged as spam. Official bodies will rarely communicate something like this in this manner.
- Beware of shortened links: hackers use these to mask the malware infected websites that they are trying to use to steal your information.
- Try not to use a public network: Email communications that take place over public networks are usually not encrypted. This vulnerability is normally targeted by hackers to garner information including account usernames and password along with personal data. The best move is to use your mobile’s tethering and hotspot capabilities to work with its 3G/4G data connection rather than using on public networks.
- Offer of large cash rewards: You might be sent an email advising you that you have won a lottery that you never entered. This is a very obvious phishing attempt and one that most people are now wise to. Spammers are trying to bring you to a website where they can record your personal or financial data.