{Editor’s Note: We continue our look at Phishing Attacks. Yesterday, we talked about what a phishing attack is. Click here to read part one.}
Phishing Attacks — how do I detect them?
While phishing attacks are extremely common in today’s internet environment, the fortunate reality is that the vast majority of phishing attack emails that are received are very poorly written and have little chance at success. When you receive an email from an unknown person, there are several things you should look at in consideration of whether or not the email is a legitimate one:
- How is the grammar? Does it read like an email should? Or are there obvious grammar and spelling issues that indicate it may be bogus?
- Are there any links in the email, and do those links give any clues about the legitimacy of the website?
- Does the email seem just to good to be true? Are you getting something for nothing? Chances are that if it seems like that, then the email isn’t legitimate.
- Look at the sender — does the name that it is coming from and the email address that is used match, seem legitimate? Or, as in the case of an email I received today, are they so different that it is obvious?
- Lastly, is the email from a company that you deal with on a regular basis, or is it from someone that you never use?
In the image below, I’ve taken an email I received and marked it up with some details that you should look for in emails you receive. As you can see from the image, it was flagged as SPAM, so they obviously think that it isn’t legitimate.
From the top, these are the things that stand out to me:
- Notice the grammar. The subject at the top just doesn’t read cleanly. No comma is needed, and no hyphens are needed in the “for-your-order” section. Also, I didn’t place an order.
- Look at who the email is from. The “name” is Walmart-Reward Points, but the email address is listed as Dolores@wmoneyj.racing. Definitely not an email from a Walmart email account.
- I don’t shop at Walmart very often, so I wouldn’t expect an email from them.
- In the link, you need to be careful because it is a shortened link. In this case the link references a “t<dot>co” link, which is a shortened Twitter link. The reason you need to be careful, though, is that it isn’t obvious what the shortened link will translate into. Fortunately, others have worked on translation websites that will help you out. In the example above, the link in that email translates to Retail Promo USA.
In our example above, the real question is whether this is a phishing attempt or not. The short answer is maybe it is, maybe it isn’t. It could be that the website the link redirects to will prompt us for some PII (Personally Identifiable Information) that could be used to steal our identity. Or, it could be that the link will attempt to install some malware of some sort — perhaps spyware or adware that will turn our system into a pop-up nightmare. In any event, in my eyes, it isn’t legitimate.
In conclusion, the biggest factor in determining the legitimacy of an email is to rely on good old common sense. Remember the adage, people — it it sounds too good to be true, it probably is. Remember, phishing attacks are a common way that someone attempts to steal your identity. Be smart, don’t fall prey to a phishing attack.
Do you have any questions? Please feel free to leave them in the comments, or reach out to me. My phone number is 919-606-6725, my email is mike@techsolutionsnc.com, and you know the website already. Thanks, and have a great day!