Cloud Technology & IT Security Specialists ask@cambridgesupport.com 01223 901 900

How To Recognize A Phishing Email

We have all received a phishing email and some have sadly fallen for the trap. It’s believed that 94% of all cyber attacks are sent via email. In this article we will teach you how to recognize a phishing email to better protect yourself.

What Is A Phishing Email?

Pronounced ‘fishing’, a phishing email is an email that attempts to con their victims by tricking them into entering their personal and account details. Once they have obtained your information the scam starts. Hackers will create new user credentials or install malware, which acts as a backdoor into your computer to steal sensitive data. We’ll now provide you with some helpful tips in how to recognize a phishing email.

Phishing Email

Check The Email Address

Phishing emails come in various shapes and forms and can be very convincing. A good place to start is by checking who the email was sent from. It is good to cross check the email domain. This is the part of the email address after the @ symbol. The name of the email domain should always match the company name. If they don’t match, do not click on any links embedded within the email. We recommend deleting the email and carrying on with your day. For example, if you receive an email claiming its from amazon, but the email is do-not-reply@apponline.net then its 100% a phishing email. In some cases, phishing emails look incredibly identical to the company they are impersonating, but the domain name should give it away.

Be Careful Of Generic Salutations

Companies that you are truly a customer of, will address the email using your name. Some phishing emails typically use generic salutations such as ‘Dear customer’, ‘Dear valued member’, ‘Dear account holder’ and so on. Emails containing such methods of addressing you should sound alarm bells. Some phishing emails dive straight into the message they are trying to promote without an introduction.  

Bad Grammar and Spelling Mistakes

Another method to identify phishing emails is by their poor grammar and spelling mistakes. Too often the way the email is written is not well structured. An email from a legitimate company is always well written, constructed, and checked for spelling and grammar errors. An email that contains many written mistakes should sounds alarm bells. In the cyber security industry, there is even a suggestion that these emails are deliberately written poorly. This is to ensure that the email will catch the most gullible people, but we can’t be completely sure of this. However, we suggest being vigilant when opening emails.

A Suspicious Attachment

Any attachment in an email should be taken with great care. The attachment could contain a trojan, which would lead to the installation of a virus on your computer. Having a third-party antivirus software installed on your device is highly recommended. Our article on antivirus software will help point you in the right direction.

The Email Message

Some Phishing emails are written in a way that evokes fear and panic. The email may state that your account has been compromised and therefore you need to login to rectify the issue as soon as possible. Hackers will also claim that your account will be closed if action is not taken immediately. These are all strategies to usher in a quick reaction. We highly recommend that you take time to assess the email and check its validity. If you are at a crossroads where you are unsure if the email is a scam or not, simply contact the company through another method. This is probably one of the best things you could do, as you completely remove yourself from the email and contact the company directly. The company will then be able to verify if the email was sent from them or not.

Phishing Emails Impersonating Your Contacts

Lastly, phishing emails can also impersonate a person within your own contacts. The email can appear to be sent from a friend of yours within your contact list. However, when you check the email domain its not your friend John Smith (johnsmith@gmail.com), but from john@asdfghjk.com for example. This is also more reason to double check the email domain to ensure it is not a phishing email.  

All the above are helpful best practices to train you how to recognize a phishing email. If for one minute you are suspicious, listen to your gut feeling and delete it.

Are You Phishing For IT Support?

Cambridge Support is an award-winning IT company based in Cambridgeshire. We love to help any company manage their IT systems. We have extensive experience in a range of security focused services. Cambridge Support also offer Cyber Essentials, security audits and Microsoft 365 audits.

If you have any phishing issues or anything IT related, please contact us today. We would love to hear from you and will be more than happy to discuss any IT concerns you have. For more information please contact us on 01223 901 900, or email us at ask@cambridgesupport.com