How to Spot a Phishing Email

I get several calls on this subject PER DAY, and the question I am asked most is: how do I spot a phishing email?

What is Phishing?

First I will explain what phishing is. Phishing is a way of fraudulently acquiring sensitive information, such as credit card, bank account or login details, or any other piece of personally identifiable information, by tricking users with official-looking email messages. The messages appear to come from legitimate sources because the sender (the thief) uses official-looking logos, company addresses, names and visual links, in the hope that the recipient (you) opens the attachment or clicks on the rogue link and so starts the criminal activity (a hack, or infection by a Trojan or other malware).

What to Look Out For?

Here are a few clues on what to look out for when spotting a Phishing email.

  1. Check where the email came from: examine the sender's email address. It might have come from a public email address (e.g. xxx@outlook.com or xxx@yahoo.co.uk).
  2. Look out for bogus attachments. Having a PDF, Zip or Word document attached doesn't make an email real or legitimate.
  3. PANIC! If an email creates a sense of impending doom if you don't act TODAY, be suspicious.
  4. Links that look correct can very easily be faked. This link, for example, should take you to our website, www.rlscomputers.co.uk, when it actually takes you to the BBC website. If you are unsure, NEVER click on a link; always visit the website directly yourself.
  5. Grammar is a major clue to phishing email attacks. Sometimes the dialect is a very obvious tell, but it can be overlooked.

What Does a Phishing Email Look Like?

I have collected some examples over time, so some of these are old but still lethal (some details have been masked for security reasons).

Courtesy of RBS: http://www.rbs.co.uk/microsites/global/phishing_demo/index.htm
Courtesy of Sophos: http://www.sophos.com/en-us/press-office/press-releases/2006/07/top-phishing-targets.aspx

What Can I Do To Stop it?

You can’t stop all of it, but you can avoid a nasty outcome and reduce it down considerably by following these guidelines.

  • Never send sensitive account information (PIN codes, passwords, account reminder phrases or mother's maiden name) in an e-mail message.
  • Never go to a sensitive site through an e-mail link; always type the site name in your browser (such as www.paypal.com).
  • Never open attachments from an untrusted or unknown source (this includes PDF and Zip files).
  • Never share your passwords with anyone.
  • If your bank requires verification, do it over the phone or in person.
  • Verify any person who contacts you unsolicited, claiming to be customer support from a company (if they have to ask who you are, then they don't know who you are).
  • Always report fraud to the company that the thief is pretending to be or to represent.
  • Mark phishing emails as spam/junk to block them, then delete them.
  • Make sure you empty your SPAM or Junk folders and email bin frequently (I do it daily)!

Seek technical advice on this if you are not sure.

Contact
RLS Computer Services – IT Support
0844 334 2020
Email support@rlscomputers.co.uk

You can report scams to:

Citizens Advice Consumer Helpline 03454 04 05 06 or www.adviceguide.org

Action Fraud (UK’s National Fraud Office) 0300 123 2040 or www.actionfraud.police.uk

Also some great advice and information on scams from the Norfolk County Council Consumer Advice and Protection website: http://www.norfolk.gov.uk/Community_and_living/Consumer_advice_and_protection/index.htm
