Since phishing emails look like they’re from a trusted source, they can be very convincing. But even a well crafted email can have some tell-tale signs that it’s not legitimate. The email address is the key that may give away a phishing email. Here are some things to look out for:

1- Typosquatting Domains:

These are domains similar to legitimate domains but with slight misspellings. For example, an attacker may use a domain like “[email protected]” instead of “[email protected].” Most people would miss the slight difference in spelling, but it’s a dead giveaway that the email is not from Amazon.

2- Sub-domain Spoofing:

With this tactic, attackers trick users into thinking that the email is from a trusted company using a splitting technique. For example, in “[email protected],” the “google.security” part of the domain looks legitimate, but the actual domain is “spammailer.com.”

3- Top-level Domain Spoofing:

This is a more sophisticated type of phishing where the domain and subdomain are legitimate or close to legitimate, but the top-level domain is different. For example, “[email protected]” looks similar to “[email protected],” but Microsoft may not own the .website top-level domain. This type of phishing crosses the spam and phishing filters more easily.

4- False Display Names:

When you receive an email, the first thing you see is the display name. This is the name that appears in the “From” field. Attackers tend to use the names of well-known companies or individuals to make their emails look more legitimate. If it’s a more personalized attack, they may even use the name of your boss or a colleague. This type of phishing work on mobile devices where the sender’s email address isn’t shown by default, and people just see the display name on the first window.

Other than the email address, there are some common indicators in the email itself that may suggest it’s a phishing email:

  • A common tactic is to create a fake sense of urgency or say that there’s time-sensitive information in the email. This prompts people to take action without thinking about it.
  • Unexpected attachments or unknown links in the email are other red flags. If you’re not expecting an attachment from the sender, don’t download it. And if there’s a link in the email, hover over it to see where it’s actually taking you. The link may look legitimate at first glance, but when you hover over it, you may see it taking you to a completely different website.
  • Attackers ask to maintain confidentiality to prevent victims from discussing the email with others and potentially figuring out it’s a scam. Phrases like “please keep this email confidential” or “for your eyes only” are also common in phishing emails.
  • Most professionals and businesses don’t use free email servers like Gmail, Yahoo, or Hotmail for work-related communication. Though some legitimate businesses do use these services, it’s still a red flag.

How to Address An Email Phishing Attempt?

  1. If you think you’ve received a phishing email, don’t panic. Report it to your IT or security team immediately. They can determine a real threat and take the appropriate steps to protect your organisation.
  2. Phishing is a punishable offense by law. You can report it to your local law enforcement body.
  3. In addition, take steps to notify the people who may get impacted by the email. This includes colleagues or customers that may get attacked by similar emails.

Source – Titan HQ