Forense Digital

How to Spot a Phishing Email

28 abril 2020
Artículos

What is a Phishing Email?

Phishing emails are a common form of Social Engineering utilized by cybercriminals to trick you into handing over personal information about yourself or sensitive information about your company. These phishing emails are designed to look like legitimate emails from a business or colleague, but in fact, they are from bad actors trying to get you to perform an action like clicking a link, giving away your password or downloading an attachment that infects your computer with a virus, malware or even ransomware.

5 Ways to Identify a Phishing Email

Despite posing and looking like a legitimate email, there are always a few key giveaways that a trained eye can spot to help identify a phishing email.

1. Personal Information

A phishing email will ask for personal information, requiring you to go to a website, reply to the email or otherwise respond to an email by providing this personal information. Anytime an email asks you for personal information, this should immediately raise suspicion.

Personal Information Phishing Email

2. Poor Grammar

Keep an eye out for spelling errors or poor grammar in an email. If an email sounds titled or uses odd phrasing, this should raise a red flag. Legitimate emails come from marketing departments trained in communication.

Does the email address you by name or in a generic way, such as Dear Customer or Account Holder? Legitimate emails will often address you by your name.

Poor Grammar Phishing Email

3. Suspicious Attachments

If you receive an email from a company or person with an attachment, the threat level should immediately be raised to high, especially if the email came out of the blue. This attachment is likely to be a malicious trojan virus that will attempt to install malware or ransomware on your computer.

Suspicious Attachment Phishing Email

4. Panic Content

Many phishing emails require you to take immediate action. These emails are trying to get you to act rapidly instead of rationally. This tactic increases the cybercriminals' success of duping their victim.

Panic Content Phishing Email

 

5. Call to Action

In order for a phishing email to work, you must respond to the email and perform the steps laid out by the bad actor. Restore your account, protect your security or update your password are all common “Calls to Action” that a bad actor might use to deceive their victim. If an email contains a "Call to Action" asking you to immediately respond to the email, it should raise a flag.

Call To Action Phishing Email

What Should You Do if You Have Received a Phishing Email?

  1. Don't panic.
  2. Don't click on any links or attachments.
  3. Check with the alleged sender by picking up the phone and calling them.
  4. Report the email to your company.
  5. Mark the sender as junk or spam.
  6. Delete the email.
¿Recientemente le ha afectado una catástrofe?

Nuestros consultores están listos para ayudar.

Acerca del autor
Lars Daniel
Lars Daniel, EnCE, CCO, CCPA, CIPTS, CWA, CTNS, CTA
Practice Leader
Digital Forensics

Mr. Lars Daniel is the Practice Leader of the Digital Forensics Division. Mr. Daniel has qualified as an expert witness and testified in both state and federal courts, qualifying as a digital forensics expert, computer forensics expert, cell phone forensics expert, video forensics expert, and photo forensics expert. He has testified for both the defense and prosecution in criminal cases and the plaintiff and defense in civil cases.

¿Como podemos ayudarle?

Contamos con expertos en múltiples disciplinas en todo el mundo. Hable con nosotros y lo ayudaremos a encontrar el experto adecuado para el trabajo.

 Envista Forensics Logo
Explore nuestro sitio

Ante un desastre, nuestro trabajo es resolver problemas complejos para nuestros clientes. Servimos a pequeños y grandes propietarios de negocios, sin importar en qué parte del mundo se encuentren y sin importar el problema al que se enfrenten.