Phishing email

What is phishing? Phishing is the fraudulent attempt to obtain sensitive information or data, such as usernames, passwords, credit card numbers or other sensitive details, by impersonating a trustworthy entity in a digital communication. Phishing can be attempted by email, SMS, phone call or even social media post.

Impersonators use many social engineering techniques to capture the information they are after; in this article we concentrate on phishing emails.

With phishing emails, sometimes you can tell that someone is fraudulently trying to steal your information, and sometimes you cannot. One way of spotting a phishing email is to check the account the email was actually sent from. Your inbox will display a name and a subject line, such as “Amazon Support” and “Your Recent Order”, but the name is not the sender’s actual email address; it is only their display name. The majority of the time, the name of the person or company sending the email matches the email address it was sent from.

However, if the email has come from someone pretending to be somebody they are not, the email will claim to be from a company, but the address it was sent from is somebody’s personal account with no resemblance to the business being impersonated. When opening an email, many people already know, or think they know, who it is from and go straight to the content without checking the sender’s email address.

For more information on this you can visit the Federal Trade Commission website:
https://www.consumer.ftc.gov/articles/how-recognize-and-avoid-phishing-scams

No legitimate organisation will send emails from an address that ends in ‘@gmail.com’, not even Google. Most organisations, except some small operations, have their own email domain and company accounts. For example, legitimate emails from Google will come from an address ending ‘@google.com’. If the domain name matches the sender, the email is more than likely legitimate. A genuine email will have the company’s name in the domain, indicating that the email was sent from someone at (@) google, for instance. Be careful, though, of the ways scammers try to replicate a company’s domain. With an Amazon domain, for instance, one way a scammer could imitate it would be to replace the letter “m” with the letters “rn”. This may sound odd, but in lower case the difference can be hard to spot if you are not looking for it.

“@amazon.com” (genuine)                  “@arnazon.com” (look-alike)

Another way of detecting phishing emails is the content of the email itself: words may be misspelt, sentences written in the wrong order or context, or words missing from sentences. Even though spelling mistakes are one way of spotting fraudulent activity, not every misspelt email is a scam. Mistakes are easily made, by accidentally hitting the key next to the intended letter or because the sender was in a rush, but they are still something to look out for.

Nowadays scammers use spellcheck and translation software to compose their emails, so spelling mistakes are a less reliable indicator of a phishing attempt. Furthermore, a large percentage of phishing attempts come from non-English-speaking countries, so the senders rely heavily on translation tools. The problem for them is that when sentences are translated from one language to another, some words end up in the wrong order or are missed out completely. Therefore, it is down to the recipient of the email to read through the text and decide whether it makes sense.

Within these emails will be what is known as a “payload”. This could be an attachment or a link to a website; either way the intention is the same: to download malware onto the user’s computer, which can then be used for all sorts of purposes to obtain your personal details and sensitive information. If you receive an email containing a link or an attachment, the best advice is always not to open it right away. The best course of action is to contact the sender through an alternative means to verify that the attachment or link is what it claims to be. You can also check whether a web link is legitimate by confirming that its destination address is relevant to the rest of the email. To check the destination of a link on a computer, hover your mouse over the link and the destination address should appear along the bottom of your browser. On a mobile device, press and hold the link and a pop-up will appear showing the destination address.
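To make two of the checks described above concrete, the sender-domain check (including the “rn” for “m” trick) and the link-destination check, here is an added Python example. It is not code from the original article. It assumes a constructed sample message, a small hypothetical table of brands and their genuine domains, and a short, non-exhaustive list of look-alike character substitutions; a real deployment would maintain its own lists.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample message for this example; it is not a real phishing email.
SAMPLE_EMAIL = """\
From: "Amazon Support" <support@arnazon.com>
To: recipient@example.com
Subject: Your Recent Order
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Your package has been held at the depot. Pay the fee at
<a href="http://pay.arnazon.com/fee">https://www.amazon.com/orders</a></p>
</body></html>
"""

# Hypothetical brand -> genuine domain table; a real deployment would maintain its own.
EXPECTED_DOMAINS = {"amazon": "amazon.com", "google": "google.com"}

# Character sequences that look alike in many fonts: the article's "rn" for "m" plus a
# few common substitutions. Assumed for this example and deliberately not exhaustive.
LOOKALIKES = [("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("cl", "d")]

# Visible link text that names a host, e.g. "https://www.amazon.com/orders"
URL_LIKE = re.compile(r"^(?:https?://)?([\w.-]+\.[a-z]{2,})(?:[/?#].*)?$", re.I)


def normalise(domain: str) -> str:
    """Collapse look-alike sequences so 'arnazon.com' compares equal to 'amazon.com'."""
    d = domain.lower()
    for fake, real in LOOKALIKES:
        d = d.replace(fake, real)
    return d


def registered_domain(host: str) -> str:
    """Last two labels of a host (pay.arnazon.com -> arnazon.com).
    Simplification: multi-part public suffixes such as co.uk are not handled."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


def is_lookalike(domain: str, genuine: str) -> bool:
    """True when the domain differs from the genuine one only by look-alike characters."""
    return domain != genuine and normalise(domain) == normalise(genuine)


def check_sender(from_header: str) -> list:
    """Compare the display name against the domain the mail was actually sent from."""
    findings = []
    name, addr = parseaddr(from_header)
    domain = addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""
    for brand, genuine in EXPECTED_DOMAINS.items():
        if brand not in name.lower():
            continue
        if domain == genuine or domain.endswith("." + genuine):
            continue  # display name and sending domain agree
        if is_lookalike(domain, genuine):
            findings.append(f"sender domain {domain!r} is a look-alike of {genuine!r}")
        else:
            findings.append(f"display name mentions {brand!r} but the address is {addr!r}")
    return findings


class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs from an HTML body."""

    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def check_links(html: str) -> list:
    """Flag links whose real destination differs from what the visible text shows,
    and destinations that are look-alikes of a domain we expect mail from."""
    findings = []
    collector = LinkCollector()
    collector.feed(html)
    for href, text in collector.links:
        dest = registered_domain(urlparse(href).hostname or "")
        match = URL_LIKE.match(text)
        if match and registered_domain(match.group(1)) != dest:
            findings.append(f"link text shows {match.group(1)!r} but goes to {dest!r}")
        for genuine in EXPECTED_DOMAINS.values():
            if is_lookalike(dest, genuine):
                findings.append(f"link destination {dest!r} is a look-alike of {genuine!r}")
    return findings


def analyse(raw_message: str) -> list:
    """Run both checks over a raw RFC 5322 message and return the list of findings."""
    msg = message_from_string(raw_message)
    findings = check_sender(msg.get("From", ""))
    if msg.get_content_type() == "text/html":
        charset = msg.get_content_charset() or "utf-8"
        findings += check_links(msg.get_payload(decode=True).decode(charset, "replace"))
    return findings


if __name__ == "__main__":
    for finding in analyse(SAMPLE_EMAIL):
        print("WARNING:", finding)
```

Running the script on the constructed message reports three findings: the sending domain is a look-alike of the brand in the display name, the link’s visible text names a different site from its real destination, and that destination is itself a look-alike domain. The normalisation is intentionally coarse; it exists to surface suspects for a human to look at, not to decide on its own that a message is safe.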

Finally, a clear sign that an email is fraudulent is that its contents create a sense of urgency and panic. This can come in the form of a demand for payment for something you were not previously aware of. A common scenario is “your package has been held up at the depot and a payment is required for it to be dispatched,” when you have not ordered anything from that business. You may also receive an email from someone posing as “your boss” with a vital request, saying that “the business/senior colleagues are depending on you.” These situations can be even trickier to navigate: even if a recipient suspects foul play, they may be reluctant to challenge their boss, because the request might still be genuine and questioning it would imply that the boss’s email was unprofessional. Refraining from querying the request and carrying it out can be very costly and cause irreversible damage. Therefore, it is always better to be safe than sorry, and organisations that value their cyber security may congratulate you for your caution.

Article by Jack Kiddy