Phishing mails have been a constant risk for a number of years now. As the spammers/scammers constantly adapt to try to get their mails through the various measures that are put in place to block them, it has become increasingly important to learn how to identify phishing mails. This is massively important in helping to protect your identity, your financial details and the login details for any online accounts you may have.
Quite an obvious one to start with, but if you do not have an account with the organisation that the mail is purporting to come from, then do not click any links within the mail! If you do have an account, then rest assured that no organisation will ask you to send your account/login details back to them in an email, so treat any request to do so with suspicion.
It is quite important, when trying to confirm whether a mail is valid or not, to check the source of the mail. This will often be apparent, and you can look at the From address to determine if it was the claimed organisation that sent the mail. However, if it does appear to be legitimate, you can check further by checking the “Envelope From” or “Return-Path” address, which you can find by looking at the “Email Headers” of the mail. If this is different from the claimed address, and is not an address of a mass mailing or newsletter system, then you can be pretty sure that the mail is not legitimate.
If you do have an account with the organisation, then the chances are that they will not be emailing you to ask you to provide your login details, so check the content of the mail carefully. If there is a link in the mail asking you to click, it is a good idea to simply hold the mouse over the link without clicking. This should reveal where the link points to. If it is anywhere other than the official site for the organisation, then do not click it. This can sometimes be masked somewhat, in that the link will point to one domain, but contain the official domain within the rest of the link, e.g. “www.somedomain.br/web/etc/www.yourbank.ie/login.php”. These are obviously very shady, and you should by no means click the link.
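The two checks described above (From address against Return-Path, and where a link really points) can be automated. The following is an added example, not part of the original article or of any Topsec product; the sample message, the function names and the `bulk_senders` parameter are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample message; every address and domain here is illustrative.
SAMPLE = (
    "Return-Path: <bounce@somedomain.br>\n"
    'From: "Your Bank" <support@yourbank.ie>\n'
    "Subject: Please verify your account\n"
    "\n"
    "Log in: http://www.somedomain.br/web/etc/www.yourbank.ie/login.php\n"
    "Help: https://www.yourbank.ie/help\n"
)

def domain_of(header_value):
    """Lower-cased domain of the address in a header value, or ''."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def belongs_to(host, domain):
    """True if host is the domain itself or one of its subdomains."""
    host = (host or "").lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

def check_message(raw, official, bulk_senders=()):
    """Return (code, detail) findings for the header and link checks."""
    msg = message_from_string(raw)
    findings = []
    from_dom = domain_of(msg.get("From"))
    path_dom = domain_of(msg.get("Return-Path"))
    # A differing Return-Path is only expected for known mailing systems.
    known_bulk = any(belongs_to(path_dom, b) for b in bulk_senders)
    if path_dom and not belongs_to(path_dom, from_dom) and not known_bulk:
        findings.append(("return-path-mismatch", path_dom))
    # Unencoded text parts only; base64 or quoted-printable parts need decoding.
    body = " ".join(p.get_payload() for p in msg.walk() if not p.is_multipart())
    for url in re.findall(r"https?://[^\s\"'<>]+", body):
        host = urlparse(url).hostname
        if belongs_to(host, official):
            continue  # the link really goes to the official site
        # The official name appearing elsewhere in the URL is the masking trick.
        code = "official-domain-masked" if official in url.lower() else "foreign-link"
        findings.append((code, host))
    return findings

if __name__ == "__main__":
    for code, detail in check_message(SAMPLE, "yourbank.ie"):
        print(code, detail)
```

The comparison is made on the host part of the link only, so an official domain that appears in the path or as a prefix of a longer host name does not count as a match.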
If the mail contains an attachment, and the mail asks you to fill in your account details and send them back, this is without doubt a fraudulent mail. A method of phishing/malware distribution that is becoming more common is sending an executable attachment. This is typically used in fraudulent courier or voicemail emails, where the sender purports to have attempted to deliver a parcel and sends what they claim is a label to print, in the case of the courier mails, or a voicemail recording. As with any mails containing executable attachments, we recommend not opening them, unless you know and trust the source, and were expecting the executable attachment to be part of the mail.
In to win:
Lottery scams have been doing the rounds for quite some time now, but occasionally slip through the net because of the phrasing used in the mail. These often purport to have randomly selected your email address for your winnings, which is of course a blatant lie! As the old saying goes, “You have to be in it to win it!” If you didn’t enter any such draw using your email address as the entry criteria, then sadly, it is too good to be true!
Dealing with phishing mails:
Of course the best way to deal with phishing mail is to use our Blockmail service, where we will filter for such mails. Occasionally there will be phishing mails that will slip through, as they are often phrased as ambiguously as possible to make them difficult to filter. Forwarding such mails to our support team means that we can use the details of the mail to strengthen the defences and protect you better.
Contact Topsec Technology today about how our Blockmail service can help you filter out phishing mails.