Have you received an email saying you have missed a parcel, but did not order anything?
Could this be a phishing email?
Emails have become an essential method of communication in our business and personal lives, from household bills to Christmas party invites. With our mailboxes filling up every day, it can be difficult to identify a malicious email, which makes this a great environment for attackers to exploit.
So, what is a phishing email and why do we need to be careful?
Phishing emails are emails sent by cyber criminals with the objective of spreading malware or stealing personal information or credentials. This can be achieved by hiding malware in attachments or by embedding malicious links within the content of an email. Links can be used to present the user with fake websites, for example a false login page that steals credentials. This is why cyber security is becoming ever more important within the workplace.
There are two types of email attack which are more targeted:
- Spear Phishing – This is where an attacker targets a particular group of people or type of individual. These attackers will research their targets using publicly accessible information before sending the email. For example, they may target a particular organisation and research roles within the company beforehand. The attacker can then customise the emails to increase the likelihood of a link or attachment being opened.
- Whaling – This is where an attacker targets the ‘whale’: a senior figure such as a CEO or CFO. An attacker could email a CEO or CFO with an urgent issue, such as a legal matter. It is also common for attackers to impersonate senior roles and use this false authority to get a user to action something, such as asking for an urgent payment to be made.
These malicious emails are very common and are continuously catching people out. It’s no wonder – we all have busy lives, and they look so real… or do they? Here are a few signs to look out for:
Sense of urgency
Phishing emails will include wording to add urgency to the request. For example, ‘this link will expire in 24 hours’ and ‘this needs to be actioned immediately’. By increasing the urgency, users are more likely to act first and think later.
Spelling mistakes and terminology
Do you see any spelling mistakes? Is the grammar correct? Make sure the terminology used fits your industry and doesn’t include any expressions you don’t commonly hear.
Is this email consistent with previous emails? For example, does your boss normally write ‘cheers’ instead of ‘thank you’? The greeting of the email should meet the correct level of formality and the email should be signed off appropriately. If a document is attached, does the format seem appropriate? For example, an invoice shouldn’t be in a Word document format.
Review the domain used in the sender’s email address. Is the company name spelt correctly? Have you received emails from this contact before? For example, ‘firstname.lastname@example.org’ or ‘email@example.com’. It is common for attackers to use similar domains to catch people out.
Are you expecting this communication?
Have you been expecting any communication about a missed delivery or does this organisation normally send you attachments? If it’s not expected, be cautious.
If you are still unsure about the email, contact the sender via other means to confirm its legitimacy. Go to the official website to find the contact details, or if you work with them, give them a call. It is better to be safe than sorry, especially if it’s a big request. Many courier websites also have features you can use to look up tracking references. One note of warning: make sure you don’t use any contact details from the original email.
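As an added example (not part of the original post), the script below applies three of the indicators above, a look-alike sender domain, urgency wording, and an invoice attached as a Word document, to a constructed sample email. The trusted-domain list, the urgency phrases and both sample messages are assumptions made up for the example.

```python
from email.message import EmailMessage
from email.utils import parseaddr

# Assumptions constructed for this example: domains you normally receive
# mail from, the urgency wording the post warns about, and the attachment
# formats an invoice should not arrive in.
TRUSTED_DOMAINS = {"example.com"}
URGENCY_PHRASES = ("expire in 24 hours", "actioned immediately", "urgent", "act now")
RISKY_INVOICE_EXTENSIONS = (".doc", ".docx")

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance; a small value means a look-alike spelling."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def triage(msg: EmailMessage) -> list[str]:
    """Return a list of findings for the message; an empty list means nothing was flagged."""
    findings = []
    domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    if domain not in TRUSTED_DOMAINS:
        close = [t for t in TRUSTED_DOMAINS if edit_distance(domain, t) <= 2]
        if close:
            findings.append(f"sender domain '{domain}' looks like trusted '{close[0]}'")
        else:
            findings.append(f"sender domain '{domain}' is not one you normally receive from")
    body = msg.get_body(preferencelist=("plain",))
    text = (msg.get("Subject", "") + " " + (body.get_content() if body else "")).lower()
    hits = [p for p in URGENCY_PHRASES if p in text]
    if hits:
        findings.append("urgency wording: " + ", ".join(hits))
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if "invoice" in name and name.endswith(RISKY_INVOICE_EXTENSIONS):
            findings.append(f"invoice sent as a Word document: {name}")
    return findings

def constructed_phish() -> EmailMessage:
    """Made-up sample showing all three indicators; not a real message."""
    msg = EmailMessage()
    msg["From"] = "Accounts <accounts@examp1e.com>"  # digit 1 in place of the letter l
    msg["Subject"] = "URGENT: overdue invoice"
    msg.set_content("This link will expire in 24 hours, it needs to be actioned immediately.")
    msg.add_attachment(b"placeholder bytes", maintype="application",
                       subtype="octet-stream", filename="Invoice_4412.docx")
    return msg

def constructed_legitimate() -> EmailMessage:
    """Made-up sample from a trusted domain with none of the indicators."""
    msg = EmailMessage()
    msg["From"] = "Jo <jo@example.com>"
    msg["Subject"] = "Christmas party"
    msg.set_content("Cheers for the help yesterday, see you Friday.")
    return msg

if __name__ == "__main__":
    for finding in triage(constructed_phish()):
        print("FLAG:", finding)
```

The checks are deliberately simple heuristics to illustrate the post's indicators; a clean result does not prove an email is genuine.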
So what do you do if you receive a phishing email?
Firstly, don’t panic: the presence of the email in your mailbox does not mean you have been compromised. Make sure you do not click on any links or open any attachments. Many email providers offer features to report phishing emails, which will also remove the email from your mailbox. And finally, spread the word. If you are in an office with other people, warn those around you; you might have noticed something they didn’t.
Keep your eyes open and don’t worry, IntaForensics are here to help. We offer incident response services and consultancy services, including practice phishing campaigns and workshops.
To find out more about our services, call 0247 77 17780 to speak with a member of the team or fill in our online contact form.