
We all know that cyber security threats are out there and that we need to be alert for them. But that general advice doesn’t give businesses the practical tips they need to spot attempts to get valuable data and information from employees. 


That’s why this blog has seven specific flags you can circulate to all your staff to help them spot phishing attempts. 


1. The ‘sender’ line

Most attempts at social engineering rely on using something familiar to lower your defences or build trust. The ‘sender’ line is a good place to start when screening for attempts to steal data. Of course, it would be too simplistic to say ‘never open an email from an unknown sender.’ Ideally, that would be true. But many of us work in jobs where we interact with prospects, potential partners and suppliers who we might not have spoken to before, or who might have taken over from a trusted contact.


That’s why looking closely at the organisation name is a good second line of defence. If you work in a business that regularly receives inbound emails from unknown senders, then examining the second half of any sender address is useful. 


Tiny typos in the sender's name (e.g. Micorsoft Support) and hyphens or underscores in the name can sometimes give away malicious senders.
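For teams that want to automate this first check at the mail gateway or in a reporting tool, the sketch below applies the same tests to a From: header. It is an added example, not part of the original article; the trusted-domain list, the 0.85 similarity threshold and the sample headers are constructed assumptions.

```python
from difflib import SequenceMatcher
from email.utils import parseaddr

# Assumption: constructed allow-list of domains the business really deals with.
TRUSTED_DOMAINS = ("microsoft.com", "examplebank.com")


def similar(a, b):
    """Similarity between 0 and 1; 1.0 means identical strings."""
    return SequenceMatcher(None, a, b).ratio()


def sender_flags(from_header, trusted=TRUSTED_DOMAINS, threshold=0.85):
    """Return a list of warnings for one From: header (empty list = nothing found)."""
    display, address = parseaddr(from_header)
    if "@" not in address:
        return ["no usable sender address"]
    domain = address.rsplit("@", 1)[1].lower()
    flags = []

    # Second half of the address: is it a near miss of a domain we trust?
    if domain not in trusted:
        for good in trusted:
            if similar(domain, good) >= threshold:
                flags.append(f"domain '{domain}' looks like '{good}'")

    # Hyphens or underscores are only a weak hint; many real domains have hyphens.
    if "-" in domain or "_" in domain:
        flags.append(f"hyphen or underscore in '{domain}'")

    # Display name that uses (or misspells) a trusted brand from another domain.
    for good in trusted:
        brand = good.split(".")[0]
        for word in display.lower().split():
            if similar(word, brand) >= threshold and domain != good:
                flags.append(f"name '{word}' suggests {good}, sent from '{domain}'")
    return flags


if __name__ == "__main__":
    # Constructed sample headers, not taken from real mail.
    for header in (
        '"Microsoft Support" <support@microsoft.com>',
        '"Micorsoft Support" <help@support-desk.example>',
        "Accounts <billing@micorsoft.com>",
        "Alice Ng <alice@newsupplier.com>",
    ):
        print(header, "->", sender_flags(header) or "no flags")
```

An empty result only means none of these three checks fired; an unknown but legitimate sender and a compromised trusted account both pass, so the remaining flags in this list still apply.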


2. The ‘to’ line

The other thing worth a close look is who else the communication went to. If there are a lot of other recipients, or the recipients are all strangers to you, it could simply be a sloppy attempt at a cold email. But it’s also a decent giveaway of a lazy phishing attempt where the sender has failed to use the ‘BCC’ field to mask other recipients. Another dead giveaway is if the other recipients have similar names or initials to one another, which indicates a hacker simply copied and pasted the email addresses from a database.


3. Hyperlinks

We are all conditioned to click on hyperlinks in news stories and social media posts. Phishing attempts take advantage of this split-second reaction to embed malicious links inside emails. Whenever you’re reading an email with a hyperlink, start practising ‘the pause’. Hovering your cursor over a hyperlink will reveal where it will take you if you click. Chances are it will be a website that’s designed to install malicious software or to harvest your data by posing as a copy of a reputable website like that of a bank or social media site.


4. Check the date

This is a little less reliable as an indicator of phishing if you often receive emails from contacts in other time zones or work in an industry where odd hours are common. However, for more typical 9-5 jobs and industries, an email sent at 2:43 in the morning might indicate that it came from a less than trustworthy source.


5. Check the subject line

If the subject line doesn’t fully match the content of the email, or contains multiple abbreviations like “FW” or “FYI”, don’t rush to open it.


6. Be very wary of attachments

Attachments are a huge red flag of phishing emails. Most people are rightly suspicious of attachments from unknown senders. But more sophisticated phishing attempts will compromise a trusted contact’s email, which lowers the barrier to opening a file with malicious contents.

If in any doubt, follow your cyber security protocols before opening an attachment. 


7. Pay close attention to the content

This is where those spelling and grammar lessons from school really pay dividends. Subtle errors in expression, spelling and grammar can all signal a phishing email.


More obvious attempts to play on emotions are also worth looking out for. This type of social engineering might play to our curiosity (click this link or open this attachment to see something surprising / interesting), our base emotions (“this is scandalous” / “you won’t believe this”) or fear (e.g. by saying there is a compromising or embarrassing photo attached that you need to verify). 


Feel free to copy and paste the link to this article or the text of it into an email to educate your staff about phishing emails. If you’d like to take the next step and level up your cyber security protocols and even run a (completely secure) phishing simulation, contact CyberUnlocked to learn how we can help.

