Five Ways to Spot Phishing Emails
Did you know that 9 out of 10 data breaches today involve a phishing attack?
These attacks typically consist of fake emails designed to look like they’re coming from a brand or institution that you trust or do business with.
Their goal is to compel you to click a link or download an attachment, which then, puts malicious files on your computer. This can enable hackers to steal your identity, breach your employer’s systems, and more.
The best way to defend yourself against phishing attacks is to identify phony emails before you click on them.
Here are the five simple ways to spot a phishing email:
- Who's the real sender?
Make sure the organization name in the From line matches the email address between the brackets: Sam Sender <firstname.lastname@example.org>. Watch out for typos or foreign domains - think amaz0n.com or microsoft.com.ch
- Check the salutation
If you have a relationship with the sender's organization, the email should always greet you by name, not the generic :Dear valued customer".
- Hover your mouse
Use the mouse hover trick to see the full URL (web address) of any link you're asked to open. DO NOT click the link, just hover your mouse pointer over the link and the full web address will be displayed. If you don't recognize the web address, don't click it.
- What's in the message footer?
The footer of any legitimate email should include at a minimum:
- A physical address for the business
- An unsubscribe button
If either are missing, the message is likely fake
- When in doubt, hit DEL
If you don't know the sender or something just doesn't seem right with the message, simply delete it. If it's a legitimate message, the sender will resend the message or contact you some other way.