1. Sense of urgency
Cyber attackers are opportunistic and take advantage of fragmentations that surround chaos. Whether it be natural disasters, extreme changes in the economy, or worldwide pandemics, where there is chaos there are impulsive decisions being made. The attacker’s goal is a clear one which is to get you to take action on the email. Their message inspires a sense of urgency by suggesting something is at risk if you don’t take action. Risks can include losing money, your account being closed, or other impending negative results.
2. Suspicious sender address
Look closer, the domain name on that email sent from your top client isn’t what it seems. Attackers can easily buy a domain name that is close to the domain name in the email you are expecting. This is called “Spoofing” and it’s easier than you think. For example, you regularly get emails from Bob@acmebank.com. This time the email comes from Bob@acrnebank.com. The “m” being replaced by “rn” is subtle yet it’s a completely different domain and therefore not who you expect it to be.
3. Generic greeting
If you aren’t addressed by name in the email, the alarms should go off. Typically if the attacker is casting a “wide-net” while Phishing, they will use generic greetings to start the email that doesn’t include your name.
4. Spelling and grammar mistakes
Spelling and grammar mistakes are key indicators of a Phishing attempt. Legitimate companies take the time to proofread communications before publishing. Some examples include run-on sentences, misspelled words, and missing punctuation marks are all signs that the email is not legitimate.
5. Link to invalid domain
Phishing attempts are pointless unless the attacker can get you to take some sort of action. The majority of the time they are trying to collect sensitive information. A common way to do this is to redirect you to a fake online form. The link and the title of the link are often different.
6. Suspicious attachments
A more malicious tactic is to attach hostile files that, when opened, give the attackers complete access to the network. Now, the victim is no longer just the one user, it is the entire network and it’s at the mercy of the attacker. Also, they can use the control they now have to target your contacts from your email platform. Common file types used include .PDF, .DOC/.DOCX, and .EXE files. However, attack techniques are always evolving.
We help small business grow through the smart use of technology.
Is your business technology helping you grow or slowing you down?
Wherever you are in the world, we can help your business grow.