Tips on How to Recognize a Phishing Email

Recently our internet probes detected several massive phishing campaigns aiming at banks mostly located in Europe. All of them are fitting the same patterns and an educated user could easily spot them. Since phishing campaigns could lead to identity theft, financial loss, and data compromising, let’s look at these 7 tips that help you recognize how to spot these phishing e-mails. But first …

Let’s talk Phishing numbers

Phishing attacks or phishing scam are with no doubts one of the biggest security challenges today and not only for banking institutions. Phishing attempts have grown 65% in the last year (according to the PhishMe’s Enterprise Phishing Resiliency and Defense Report) and this year the number will be probably even higher. Why? For fraudster the creation of a phishing site is relatively easy, in fact every month approximately 1.5 million new phishing sites are being created. So, without much effort fraudster can easily mimic a legitimate site, put it online and then sent thousands of e-mails to lure credentials and get quickly full access to the victim’s banking account. Not too much effort indeed. The list of signals below, comes from years of ThreatMark’s Security Operation Center experience scrutinizing phishing campaigns and collecting data from our probes across the Internet:

1. Suspicious Sender Address

In many cases, the e-mail address is suspicious at first glance. By looking at it you can spot a different domain not related to your bank’s domain. Often the domain is very complicated and very long, sometimes containing expressions such as „well-known“ to confuse more experienced users. Watch out for similar looking domains (1stbank.com vs. lstbank.com). If you receive a suspicious e-mail from someone you know, double-check the sender address first.

2. Call-to-action Button

The purpose of every phishing e-mail is enticing your credentials, mostly via submitting some form located somewhere on the Internet. The attacker wants to lead you there through some link or button in the e-mail body. Do not click on those, unless you know where they are going. If you want to be sure, hover over the link first, the real URL address will appear in the left bottom corner of your internet browser.

3. E-mail Inaccuracies

If the content of the suspicious e-mail contains grammatical mistakes or typing mistakes on visuals parts are broken, you are most probably dealing with a phishing e-mail because usually Banks use proof-read templates and do not make this kind of mistakes.

4. Request for Sensitive Information

Do not send any sensitive information, ever! Most of the banks do not request this information through e-mail at all. So any message requiring an update of your banking account info via e-mail is an attempt to entice your credentials. Nowadays attack vectors can also involve fake mobile applications so you better double-check the origin of the application even from Google Play.

5. Mail Attachment

In most of the cases banks never send attachments. If you receive such an e-mail from a bank, confirm its validity with your bank by phone. Attachments can contain malware of different kinds, such as ransomware and keyloggers.

6. Too good to be true

Probably the oldest strategy regarding phishing e-mail is sending over information about an amazing win. If your bank informs you that you have won a large sum of money or a voucher for an expensive gift, it is very likely that you are dealing with a phishing e-mail and you should be very cautious and contact your bank immediately.

7. Pressure and emotions

If the e-mail plays with your emotions, eliciting curiosity, sense of urgency or fear (virus detected, account expired, card expired, low balance) you are probably facing a phishing e-mail.

Summary

With these simple tips in mind you will be able to better recognize phishing e-mails and in combination with common sense, you can significantly lower the risk of being a cyber-crime victim.

And Banks are not helpless either. There are ways for Banks to prevent phishing using different techniques, such as scanning billions of e-mails for potential signs of phishing (searching for the mentioned name of banks, used bank’s logo in those e-mails and so on) and other methods involving sophisticated ways to spot waves of phishing even before they start.

Lukáš Jakubíček

Pre-Sales Consultant

Working for ThreatMark allows me to use my diverse set of technical and interpersonal skills I have developed for over 10 years working in the IT & Online Marketing Industry. Writing about cyber threats is only one of my duties, most of the time my colleagues and I assist and help our clients to find new and better ways on how to efficiently fight against the online fraud.

Connect me on LinkedIn Send me an e-mail

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.