Baited and Hooked – Gone Phishing – Part 2

How do I spot a suspicious, or phishing email?

The very first thing to look at with any suspected email is the subject line.  The following are good indications that something is not quite right:

  • Maybe it’s offering you something too good to be true
  • Perhaps it’s trying to entice you with something strange or unexpected
  • Or it's just begging you to open the email
  • They're trying to scare you

Having a close look at the email address can also provide a hint.  Often the display name will look legitimate, but the actual address it came from looks strange.  For example:

              Display name:   ‘PayPal’

              eMail address:  1gaertfd41erdga4135241fdg@ppal.com

Sometimes an illegitimate email address will stand straight out, like that email from Microsoft that came from bigdaddy@msoft.com or info@ghuiwref78e34q5thui54e6t78.microsoft.com.

Attachments also often exhibit this nonsensical or odd naming.  Sometimes they may be file types masquerading as other file types.  A file by the name of attachment.pdf.html is probably not legitimate.

It is actually a good rule not to open attachments from any unknown or unrecognised source, or any other source you’re not sure of.  If in doubt, do your research, but never reply to the sender until you’re 100% they’re legitimate.

One type of phishing email that can be quite deceptive is that which look professionally sent.  These types often use graphics, fonts, and formatting that are similar to or stolen directly from legitimate sources.  A particularly famous example for Australians is one that uses Australian Taxation Office graphics and fonts to appear legitimate.  This type of phishing email will appear well-written and authoritarian.  You need to pay very careful attention to the details listed above when trying to assess emails of this type.

Often, phishing email can be distinguished sheely by a barbaric look with poor written language; as if someone wrote it in a hurry or it was written by an individual with a poor command of English.  However, phishers are becoming aware of this and are increasing the sophistication of their emails.

And, finally the Golden Rule:

Legitimate emails from reputable sources will almost NEVER ask for details they should already have.  For example:

  • A bank will not ask for you to confirm your credit card or security numbers
  • Government organisations will not ask for your identification number or full name
  • An organisation will not ask you to confirm information that could be used as answers to security identification questions, such as mother’s maiden name, first street you lived in, etc.

Organisations that are contacting you legitimately will (if it's a necessary part of the communication) provide you with that information to prove they’re legitimate.

When confronted with any email address that doesn’t look right, do your research.  If it is an organisation that you use (or have used), review past emails to check the correct addresses that the organisation or service uses and compare that with your suspect email.

Larger organisations, such as PayPal, have active phishing and hoax email reporting on their websites.  The information these facilities provides can often assist you with identifying whether you have received a legitimate email from these sources.

One final note on phishing: Phishing is also now being performed via SMS text messaging.

You’ve just been notified that you’ve won £12,000,000 in a UK lottery that you, despite living in Oodnadatta and not having any living UK relatives, didn’t even enter.  And all you have to do is click the link in the SMS to claim that prize!

Well, that link is likely to be a phishing link.  It is very likely that it will install some form of malware on your phone that will either spy on your activities, record and forward your sensitive personal information to a third-party, or install software to force your phone to mine BitCoin to make someone else wealthy.

Too good to be true?  It’s likely to be phishing bait.

For further information on Phishing:

If you'd like more information on phishing emails, or any other IT-related dangers, get in touch with us here.

Comments are closed.