The FBI highlights phishing as the most common cybercrime in 2020, with a reported 241,324 incidents in 2020. Consequently, knowing how to spot a phishing email is critical due to the increasing complexity of these scams. Here are some of the best ways to detect phishing emails.
Emails Requesting Your Sensitive Information
Legitimate brands will never request your sensitive information via email. Therefore, it is always prudent to be wary of an unsolicited email demanding sensitive information, irrespective of how authentic it appears.
These emails typically contain links and attachments to confirm personal information like passwords, credit card information, banking details, credit scores, or login credentials. However, spear phishers can easily forge login pages to extract such information, so always refrain from inputting any information on login pages from emails until you are confident they are 100% legitimate.
Inconsistencies In Domain Names, Email Addresses, And Links
Phishing emails always originate from seemingly genuine addresses, and cyber criminals alter the structure of email and web addresses to appear legit. Upon closer inspection, you may find that the sender’s email address is a bogus variation intended to look genuine. For example, emails from Google will read ‘@google.com,’ so any other subtle variations like @mail.google.work or firstname.lastname@example.org are most likely scams.
Luckily, you can readily cross-check the sender’s email address against old emails from the same organization if you correspond often. This way, you can identify inconsistencies quickly and avoid falling prey to phishing scams.
Unsolicited emails with attachments should always be treated with caution because institutions usually direct you to their website to download documents or files. Also, check for unfamiliar file extensions like .exe, .zip., and .scr, since most work-related file-sharing occurs via collaboration tools like DropBox and Sharepoint.
In addition, many IT support teams recommend scanning any attachments using antivirus software before opening them since these files could contain trojans or malicious URLs.
Emails Demanding Urgent Action
Urgency is crucial to a successful phishing email scam, so always be wary of emails that instill panic. This urgency can take multiple forms, including claiming that your account may have been compromised, and you can only verify it by entering your login details immediately. Similarly, you may receive an email saying your account might be closed if you don’t take immediate action, like clicking on an attachment or link.
These emails threaten the loss of an opportunity or negative consequence if urgent action is not taken, and you can easily fall victim before studying the email for potential inconsistencies.
Grammatical And Spelling Errors
Legitimate companies send well-written emails, so an email with poor grammar is most likely a phishing scam. Also, these emails may contain deliberate spelling errors to fish out uneducated and less observant recipients, who are undoubtedly easier targets.
Unfamiliar Greetings Or Salutations
Emails with generic salutations like “Dear account holder” and “Dear customer” are likely phishing scams since many companies usually call you by name to personalize their email marketing efforts.