
Detecting Phishing Emails


  • Detecting Phishing Emails

    When an attacker attempts a phishing attack, the attacker has likely not done reconnaissance on the targets, because the nature of a phishing attack is that a phishing email may go to a very large group of targets. Sometimes these attacks target thousands of users or more, as opposed to spear-phishing, which targets one individual or a small group of people. The multitude of targets makes it impossible to create a very personal and directed phishing email.

    Some tell-tale signs of a phishing email include:
    • The source of the message seems to be from a bank, company or social site.
    • The message may seem very generic.
    • The message has a sense of urgency.
    • It may contain a vague or veiled threat.
    • It sometimes contains obvious spelling errors or grammatical mistakes.
    • The message may contain links to spoofed websites.
    • Often phishing emails will contain offers that are too good to be true.
    • It may include official-looking or reasonably professional logos.
    • The message may have suspicious looking attachments.
    • It may include content that sounds professional but seems out of context or misplaced, and that may be copied from other websites.
    • The message may contain only text and no graphics to make it look authentic and professional.
    • The message does not address the target by their correct name but rather by pieces of the target's email address.
    • The message asks for, or links to a web page that asks for, personal or classified information.
    • It may include links to sites not using https, web sites using invalid/unsigned certificates or signed certificates that are free.

    Spear-phishing messages may be composed in such a way that they are harder to decode as phishing. Sometimes a spear-phishing message seems to come from someone in your email address book or someone you know. These kinds of phishing attacks are based on a lot of reconnaissance from various sources such as social sites.

    In general, it is healthy to be skeptical and demand verification. Never take a person's word for being who the person claims to be. A true professional organization will never ask you to hand over personal or classified information over emails, texts and similar. If a legitimate, verified organization asks for personal information in text messages, emails or other insecure media without the possibility to encrypt or otherwise secure the message, the best way to react is to kindly decline, point out the risks and ask for alternative ways of delivering the needed information, such as in person on the organization's premises.
    Certified Security Geek
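
Several of the tell-tale signs listed in the post above can be checked mechanically. The following is an added example, not part of the original post: a small heuristic that flags urgency wording, requests for personal information, a greeting built from the recipient's address, non-https links, and links whose visible text names a different host than the one they point to. The word lists, the function name `phishing_indicators` and the sample message are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Illustrative patterns (assumptions, not a vetted ruleset).
URGENCY = re.compile(r"\b(urgent|immediately|within 24 hours|suspended)\b", re.I)
SENSITIVE = re.compile(r"\b(password|pin|card number|account number)\b", re.I)
HOST = re.compile(r"(?:[a-z0-9-]+\.)+[a-z]{2,}", re.I)
# Simplification: a regex finds <a href="...">text</a>; use an HTML parser in production.
ANCHOR = re.compile(r"<a\s[^>]*?href=[\"']([^\"']+)[\"'][^>]*>(.*?)</a>", re.I | re.S)

def phishing_indicators(raw):
    """Return the tell-tale signs found in a raw single-part message."""
    msg = message_from_string(raw)
    body, signs = msg.get_payload(), []
    if URGENCY.search(body):
        signs.append("urgency")
    if SENSITIVE.search(body):
        signs.append("asks-for-personal-info")
    # Greeting built from the address local part instead of a real name.
    local = parseaddr(msg.get("To", ""))[1].split("@")[0]
    if local and re.search(r"\bdear\s+" + re.escape(local) + r"\b", body, re.I):
        signs.append("greeting-from-address")
    for href, text in ANCHOR.findall(body):
        url, shown = urlparse(href), HOST.search(text)
        if url.scheme == "http":
            signs.append("non-https-link")
        # Visible text names one host while the href points at another.
        if shown and url.hostname and shown.group(0).lower() != url.hostname:
            signs.append("link-text-mismatch")
    return signs

# Constructed sample message; all names and domains are placeholders.
SAMPLE = """\
From: Example Bank <support@bank.example>
To: jsmith42@mail.example
Subject: Account notice
Content-Type: text/html

<p>Dear jsmith42,</p>
<p>Your account will be suspended. Confirm your password immediately:</p>
<a href="http://login.bank-example.test/verify">www.bank.example</a>
"""

if __name__ == "__main__":
    print(phishing_indicators(SAMPLE))
```

A hit on any single sign is weak evidence on its own; the value is in several signs appearing together in one message.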