Almost every day, users become victims of so-called phishing emails.
Therefore, in this short post, I would like to point out the details that can be paid attention to in order to identify malicious emails.
Phishing emails can vary greatly, most usually contain file attachments or links. Below I explain two examples of how you end up in the mailbox almost every day.
#1 File attachments
These attachments often contain malicious code, which is executed when opened. Here, the effects can range from the installation of adware (e.g. unwanted adverts in the Internet browser) to the complete compromise of the system.
These can either lead to websites that load malicious code via drive-by downloads and have the same impact as file attachments. Or the user is redirected to a website which is a copy of a login (e.g. savings bank, PayPal, amazon, etc.). If the user enters his access data there, it is transmitted to the attacker so that he can take over the respective account.
How do you recognize these emails?
- E-mail sender
In addition to the displayed name, the actual sender should also be checked. A displayed name “PayPal” with the sender email@example.com makes little sense.
Emails which are sent at 03:38 do not speak good working conditions of the sender…. Of course, these are often sent by so-called bots, which do not pay attention to the local time.
A general and impersonal salutation, such as “Dear Sir or Madam” or “Dear Customer”, can also be a sign of an automatically generated phishing e-mail.
- Spelling & Formatting
Reputable companies do not send emails with gross spelling or formatting errors (As a rule ;-).
No name under “Sincerely yours” or false information about the company are also an indication of a phishing email. Check even trivial things, such as the company’s registered office, when you receive such emails. This is as trivial to find out as a correct spelling. For example, Amazon is not based in “Amazon EU S.a r.l. (Societe a responsabilite limitee), 3 Rue Paerer, L-2358 Paris” 😉
With these fairly simple control steps, many phishing emails can be detected and safely deleted. For more information on technical protection options and user awareness, just contact me.
Finally, here is the announced example of a spear phishing email as it could have been sent in July 2017. This would have a much higher probability of the attachment being opened by the recipient than the above example.