Most people think that network security revolves around protecting against hacker attacks. Actually, the greatest threat is from your users.
One of the most common threats to Email Security is phishing. Phishing is an attack in which a thief uses email to obtain information, typically credentials, that can then be used to extract something of value.
Phishing is where the fraudster creates an email containing a link to a website, either as a plain link or embedded in an image. The email is sent to a mailing list, usually of many thousands of recipients, in the hope that a user will click on the link. The link leads to a website that can either download malware onto the user's computer or simply collect the user's credentials. Either way, the credentials end up with the thief.
Often the spoof website is based on one familiar to the user, for example, a financial service like a bank, or a trusted source like a colleague or family member.
In a more sophisticated version, spear phishing, an organisation is targeted. The fraudster collects email addresses of individuals in the organisation and creates a mailing list specific to that organisation. The process is then identical.
Email Security is a key component in an organisation's anti-malware armoury. Ideally, it is part of a user's induction procedures, regularly reinforced with updates and further education.
How can you tell if the email is legitimate or not? Here are five ways to tell.
Where it comes from
Most people don't look at the address the mail comes from, and cybercriminals rely on that to carry out the scam. The first indicator is if the mail comes from a public email address, say, gmail.com.
Another indication is that the mail domain might look like a common one but is slightly misspelt, for example, microsott.com.
The second thing to look for is a generic sender. An email from an anonymous sender, for example, “Admin” should be treated with suspicion.
You should immediately suspect an unsolicited email with attachments. To be sure, some are valid, but a thorough check is necessary to weed out the fraudulent ones.
There are two things to look out for here.
Firstly, is it addressed to you, or is it a generic greeting? If it is something like “Dear User”, then it could be a phishing email.
Many cybercriminals do not have English as their first language. As a result, the email could contain spelling and grammar mistakes. It could also use a language style that is very formal but uses words out of context.
Often the scammer will write the mail in their native language and use something like Google Translate to convert it to the target language. As a result, it may contain all the right words but not necessarily in the right order or context. It can unwittingly give rise to some real howlers.
It may also try to create a sense of urgency by using threats, such as mailbox deactivation, or inducements to respond, for example shopping vouchers.
Some messages are created by running a mail merge from the distribution list against a template. This can result in oddities where the distribution list information is incomplete or does not match the template.
Check out the sig. Make sure that the contact details correspond to real contact details for the organisation or individual.
If the email is from an organisation and there is no sig or contact information, be suspicious. It's probably a fraud. In some jurisdictions, certain legal text is required in emails from financial houses. If it is missing, it is a fraud.
Be very cautious of embedded website links in the email, particularly in emails from strangers. Sometimes the link is hidden in an image, so don't click on that cute kitten picture. Hover the cursor over the link to see where it will take you, and if it looks odd, don't go there.
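The checks described above (sender domain, lookalike domain, generic sender name, attachments, generic greeting, urgency wording, and link text that hides the real destination) applied to a raw message, as an added Python example that is not part of the original article. The brand list, the indicator names, the similarity threshold and the sample message are all assumptions constructed for this example.

```python
import difflib
import email
import re
from email import policy
from email.utils import parseaddr
from urllib.parse import urlparse
PUBLIC_WEBMAIL = {"gmail.com", "yahoo.com", "outlook.com", "hotmail.com"}
KNOWN_BRANDS = {"microsoft.com", "examplebank.com"}  # assumed: brands you expect mail from
GENERIC_NAMES = {"admin", "administrator", "support", "helpdesk"}
GENERIC_GREETING = re.compile(r"\bdear\s+(user|customer|member|client)\b", re.I)
URGENCY = re.compile(r"deactivat|suspend|within\s+\d+\s+hours|immediately|voucher", re.I)
ANCHOR = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)

def is_lookalike(domain: str, brand: str) -> bool:
    """Close to, but not equal to, a known brand domain (e.g. microsott.com); threshold assumed."""
    return domain != brand and difflib.SequenceMatcher(None, domain, brand).ratio() >= 0.85

def phishing_indicators(raw: str) -> list[str]:
    """Run the article's checks over one raw RFC 5322 message; return the signs that fired."""
    msg = email.message_from_string(raw, policy=policy.default)
    found = []
    name, addr = parseaddr(str(msg["From"] or ""))
    domain = addr.rpartition("@")[2].lower()
    if domain in PUBLIC_WEBMAIL:
        found.append("sender-on-public-webmail")
    found += [f"lookalike-domain:{domain}~{b}" for b in KNOWN_BRANDS if is_lookalike(domain, b)]
    if name.strip().lower() in GENERIC_NAMES:
        found.append("generic-sender-name")
    if any(True for _ in msg.iter_attachments()):
        found.append("unsolicited-attachment")
    part = msg.get_body(preferencelist=("html", "plain"))
    body = part.get_content() if part else ""
    if GENERIC_GREETING.search(body):
        found.append("generic-greeting")
    if URGENCY.search(body):
        found.append("urgency-or-inducement")
    for href, text in ANCHOR.findall(body):  # visible URL text vs. real destination host
        shown = re.search(r"https?://([\w.-]+)", re.sub(r"<[^>]+>", "", text))
        if shown and shown.group(1).lower() != (urlparse(href).hostname or ""):
            found.append("link-text-hides-destination")
    return found
# Constructed sample (not a real phish); the sender and link domains are placeholders.
SAMPLE = """\
From: Admin <it-admin@microsott.com>
Content-Type: text/html; charset="utf-8"

<p>Dear User,</p><p>Your mailbox will be deactivated within 24 hours unless you verify at
<a href="http://login.not-microsoft.test/verify">https://portal.microsoft.com/verify</a></p>
"""
```

Running `phishing_indicators(SAMPLE)` flags the misspelt brand domain, the generic sender and greeting, the deactivation threat, and the link whose visible text does not match its destination; a plain note from a known colleague returns an empty list.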
Phishing is a real problem, and despite all the cautionary tales, people still fall for it. As the Sarge in Hill Street Blues said: “Be careful out there”.