Fishing for Phishing Emails & How to Spot Them

Phishing emails are often so ridiculous that you naturally pass them by without a moments’ though – probably on a daily basis. Unfortunately, however, there are many unsuspecting victims who can fall for these fraudulent messages; opening the phishing emails and sometimes even following the actions recommended within the message.

Though there is no “one size fits all” response to dealing with these phishing emails, there are a few different ways in which we can identify them – and help others as well.

Check the URL

If the message contains links to websites or other sources, spend a minute hovering over them to check the validity. Often a phishing email will contain mismatched URL’s, so the hyperlink will appear differently to the address displayed. If this is the case, the message isn’t real.

Misleading Domain Names

To understand this one, there is one simple trick you need to remember. If a domain name is linked to a legitimate site, the page you’re looking for will appear before the owner site. For example, info.domainname.com is perfectly legitimate, while domainname.maliciousinfo.com is not.

Please do note that these are dots and not forward slashes, as the forward-slash should rightly be at the end of a web link as a page from the original site. If it’s a forward slash you’re safe, but a dot should always be checked.

Silly spelling and grammar errors

Phishing emails are often created by robots or simply by people who don’t have the competency to check their spelling and grammar thoroughly. If it contains silly errors, it’s probably not legit.

Be careful about personal information

In May 2018, every company was forced to become GDPR compliant. As such, any email you receive that asks you for personal information needs to be checked – because it most likely isn’t what it says it is, and if it was then that company would be in serious trouble.

Is it realistic?

This could well be a matter of opinion, but if the offer seems too good to be true then perhaps it is. If the message makes some wild and big promises and doesn’t appear to be from someone you recognise, it’s probably not real. Add that email to spam right away.

Are you expecting it?

If you get an email saying you’ve won the lottery, despite never having brought a lottery ticket in your life? Common sense points us towards this being a scam. This goes for any sort of prize draw you didn’t enter. Time to block them!

Are they asking for any sort of money?

It might not be today or even next month, but eventually, a phishing email is likely to try its luck and ask you for money. If all the other tell-tale signs haven’t thrown up a red flag yet, this one is sure to make you think twice.

Do they threaten you?

One of the most common kinds of phishing email makes claims against you and then tries to blackmail you into giving over personal information or even money. If the threats are unrealistic and you are being accused of something you haven’t done or aren’t in any way linked to, it’s a phishing email and should be blocked.

Does it look on the surface like it could be from the government?

If they’re pretending to be a government agency, they’re not. These kinds of organisations don’t just email you out of the blue, so you can rest assured that if they claim to be from the FBI or other law enforcement agencies, they’re trying to trick you.

It doesn’t feel right

The last one relies on your gut instinct more than anything – and that is this, does it feel right? If not, trust your instinct and ignore the message. The worst that can happen is a legit message has to contact you again because you ignored the first one. But that’s better that than falling for a phishing email.

Need help with your data security? Get in touch!