What is Phishing?

Phishing is swindling people to gather their account credentials of a specific website, credit card details, strategical information of their company, infecting computers for botnet attack. Proactive and reactive protections against adversaries are not always sufficient since scammers target people who do not know how to protect themselves. Companies try to educate their employees to avoid being hacked. So, how do detect phishing emails?

Here are quick tips for identifying phishing email attacks.

Public Domain Names

@gmail.com, @outlook.com, @hotmail.com are public domain names. These domain names are not used by corporate email accounts. Corporate email accounts have their unique domain name such as @prismacsi.org. Public domain names generally belong to personal email accounts. If you see an email from a public domain name but the content is like an email coming from a corporation, then it might be a phishing attack.

detecting phishing emails — Figure 1: Example of a phishing email from a public domain address

Misspelled Domain Names

Scammers may want to send an email from an account that does not have a public domain name. They may try to imitate the company to be more convincing.

Directing to Login Page

If the email wants you to log in via a link, you should suspect that email. Most companies do not offer you to log in via a link because it is suspicious. You should go to that website from a new tab and log in from there.

Poorly Written Emails

Scammers might not be native English speakers. Therefore, there could be some typos. It does not always be mistaken letters. Grammatical errors also cause suspicion. If you see a typo or a grammatical error in an email, look for other evidence to prove the email is a lure.

phishing email — Figure 3: Grammatically invalid email. It also redirects to an unknown page.

Uncommon Phrases From Known People

If you have emailed a specific person for a while, you probably know his/her template of writing (e.g., salutation and valediction). If there is uncommon writing, you should suspect that email.

If the salutation does not contain your name (e.g., Dear Customer, Dear Account Holder, …), it must be sent to a lot of receivers. This is suspicious.

Suspicious Attachments and Links

Do not open the attachment unless you are very sure that the source is legitimate. Also, do not open the attachments that have the extensions: .exe and .zip. Otherwise, the attachment may contain malware and infect your machine. Moreover, an infection may spread to other computers connected to the same network. Infection can get login credentials, credit card details, or company-related information.

Legitimate companies do not send you attachments, they generally direct you to their own website, and you can find the document there.

Scammers hide the links with buttons or short links. When you hover your mouse over the link/button, the exact address will appear on the right bottom of your browser. You can check the original address. If you use a mobile device, hold down on the link, and the original link will appear as a pop-up.

It is beneficial to care if the link starts with HTTP. HTTPS is the secure version of HTTP. It encrypts the data traveling over the internet. If the link starts with HTTPS, then it is hard to read the request and response between the client and server.

Creating Urgency

Scammers create a fake urgency so that you do not have time to think if that email came from a legitimate address.

Here is an example of such an email.

Employees could be shy about verifying the email especially if it is coming from their boss. Companies should understand the reason why their employee requests a verification and even sometimes they should congratulate their employee for their caution.

Awards and Gifts

Another suspicious email content is that scammers might want you to believe that you gained an award. There would be a link to gather the award, but it is probably dangerous. Do not rush into getting the award.

There could also be gifts that some marketing companies offer you. These fake awards and gifts try to make you surprised so that you will not suspect of them.

Do not forget! Scammers likely to make you surprised or feared so that you will not have time to suspect of them.

Signatures

Some companies’ employees have a specific signature which indicate that the email coming from a legitimate source. If the signature is different or not exists at all, there must be something suspicious. Contact with that person to verify the email source.

Sources