In 2019’s final quarter, RSA Group reported that 60% of all fraud attempts employed phishing tactics. Amid the current crisis, this figure seems likely to rise with cybercriminals taking advantage of the unprecedented situation to exploit organisations and individuals with bespoke campaigns and more complex strategies.
While most people are aware of phishing emails, there can be no doubt that knowledge of their existence alone does not offer a guaranteed defence against them. Time and time again, private citizens and employees in government, education and business sectors are hoodwinked by these malicious messages.
Put simply, a phishing email is designed to access a company network or personal computer, steal a user’s identity or fool a target into parting with funds. The best defence is immediate identification. The following are five signs to watch out for that indicate an email you have received may be part of a phishing attack.
1. Urgent action required
A favourite phishing ploy is to apply instant pressure. By putting their intended victim in a state of panic, they make them more susceptible to attack.
The message content may tell the recipient they are late with credit card payments or even owe money to the government. If you panic and try to resolve the problem by clicking on links included in the content, you could cause malware to be downloaded to your computer or network or be lead to a fake site where your credentials can be stolen.
2. Badly written emails
If the email content contains badly phrased sentences and misses words consistently, this can be a sign it was written by someone whose first language is not English. To you, it can also be an indication that you’re looking at a phishing attack. Genuine companies use proof-readers to ensure their communications do not contain these errors before they send them out.
3. Requests for personal information
From bank account details and passport numbers, to national insurance numbers and account PINs, no legitimate company will ask you for personal information via email. Even if the email is branded as the company it purports to be, under no circumstances should you divulge any of your personal information.
4. All content is one hyperlink
If you find your cursor transforms into a pointing hand regardless of where it is placed on the email, the whole message is a single hyperlink. This means that a random or accidental mouse-click on your part can result in downloading malware or a virus. Always delete these emails immediately.
5. Check for public domain addresses
If you receive a suspicious email that claims to be from a sender you trust, always check the address is not a public domain such as @outlook.com or @gmail.com. A registered business will have its own domain name, so if the email comes from a public domain, it is likely to be at best unwanted spam, at worst something more malicious.