How to recognize a phishing message?

We often receive email messages that are so-called phishing attempts. Phishing is a technique where scammers try to extract certain information from us, such as personal or financial data. Criminals often do this by impersonating various companies, such as courier services or banks.

I frequently encounter, both in private and professional life, that people struggle to distinguish whether an email is genuine or fake, whether it’s safe to click on a link, or whether it’s advisable to log in to a website.

Many people don’t know what to look for when checking such emails. Today’s post will serve as a guide that you can use whenever you have any doubts about whether an email is suspicious or not. As a general rule, it’s better to treat every email as suspicious and only then verify whether the message is legitimate.

Below are 10 points you can use for verification:

  1. Checking an email message should begin with verifying the sender’s address. It is essential to confirm that the sender’s address belongs to the legitimate company’s domain. For instance, if you receive an email containing the DHL logo (DHL is often exploited in such attacks, hence the example), and the sender claims that you need to pay an additional 1.53 PLN for a shipment, the sender’s address should belong to the DHL company’s domain. If it does not, there is a high probability that the message is not genuine. If the email address contains typos, additional characters, or unnecessary numbers that form a random sequence, or if it is excessively long or complex, you can conclude at this stage that the message is likely malicious. Some time ago, I published a post detailing which tools to use to verify whether a website address can be considered malicious. Take a look at it.
  2. Check the title and content of the message. At this stage, it is advisable to check whether the message contains spelling and grammar errors. In the Polish language, we have a slight advantage, as it is a challenging language, and not every automatic translator handles it correctly and converts it accurately. Malicious messages often include phrases such as "dear user," "respected citizen," or "dear recipient," and we often encounter pressure from the sender, along with an unjustified sense of urgency and a threat of consequences for not performing the requested action.
  3. Attachments and links. It is crucial to check if the email contains any attachments and links. Pay attention to whether the attachment’s name is related to the content and the subject of the message. Attachments often have strange extensions, such as exe, scr, zip, dll, or rar. If your message has an attachment with such an extension, there is a high probability that a virus is concealed in the attachment. Regarding links, similarly to the example of verifying the sender’s address, you should check whether the link in the message leads to the website of the company mentioned by the sender. Let’s use DHL as an example. If the message states that you need to click to redirect a shipment, the link should also lead to the DHL website. How to check it? It is best to hover over the link with your mouse, without clicking, and the destination address will appear in the lower left corner.
  4. Check if the message implies that the sender is offering you something for free, such as a reward, tax refund, or any other benefit, such as a discount. Sounds suspicious, doesn’t it?
  5. Check if the message includes a request for providing a verification code, for example, for a bank, or a request to log in. Often, these logins to banks or other transactional services are precisely linked to receiving a reward, as mentioned in the point above. If the sender asks you to make a transfer, a purchase, or any other transaction, remain vigilant.
  6. Check if the message contains your personal information, such as your name, surname, address, phone number, or PESEL (Polish national identification number). If the message includes your password and the criminal demands a ransom for not disclosing it, it is likely a malicious message. In most cases, messages containing such personal data or passwords are malicious because this information often comes from leaks that are frequently publicly available on the internet. What should you do if the password shown in the email is used in any service? You should change it immediately and, under no circumstances, respond to the message.
  7. Credibility. It’s also worth checking whether the message is credible. Is there any sensible reason for someone to contact you on such a topic? Is what is contained in the message consistent with the truth? Does the message contain any inconsistencies or even absurdities?
  8. Often, attackers refer to some previous communication. Therefore, it’s advisable to check whether you’ve corresponded with such an email address before. You can simply search your email history to see if such an address has appeared in your past communications.
  9. It’s also essential to check if the content in the message aligns with official sources. For instance, if you receive a message about a tax refund, verify on official government websites whether such a tax refund is possible. If you receive a message with a funding proposal, check whether such funding programs indeed exist.
  10. If the message you received triggers any suspicions, uncertainty, or pressure from the sender, and it seems inconsistent with reality or unexpected, refrain from responding to such a message.
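
The checks from points 1 and 3 (sender domain, attachment extension, real link destination) can also be run mechanically. The following Python sketch is an added example, not part of the original post; the expected domain `dhl.com`, the function names, and the sample message on reserved `example.net` names are assumptions made for illustration.

```python
from email import message_from_string, policy
from email.message import EmailMessage
from html.parser import HTMLParser
from urllib.parse import urlparse

RISKY_EXT = {"exe", "scr", "zip", "dll", "rar"}  # extensions listed in point 3

class LinkCollector(HTMLParser):  # gathers every <a href>: where a click really goes
    def __init__(self):
        super().__init__()
        self.hrefs = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs += [v for k, v in attrs if k == "href" and v]

def in_domain(host, expected):
    """True only for the expected domain itself or a real subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return host == expected or host.endswith("." + expected)

def check_message(raw, expected):
    msg = message_from_string(raw, policy=policy.default)
    findings = []
    addrs = msg["From"].addresses if msg["From"] else ()
    domain = addrs[0].domain if addrs else ""
    if not in_domain(domain, expected):  # point 1: sender's domain
        findings.append(f"sender domain '{domain}' is not {expected}")
    for part in msg.walk():
        name = part.get_filename()
        if name and name.rsplit(".", 1)[-1].lower() in RISKY_EXT:
            findings.append(f"risky attachment {name}")
        if part.get_content_type() == "text/html":
            links = LinkCollector()
            links.feed(part.get_content())
            for url in map(urlparse, links.hrefs):  # point 3: target, not link text
                if url.scheme in ("http", "https") and not in_domain(url.hostname, expected):
                    findings.append(f"link leads to {url.hostname}")
    return findings

def build_sample(sender, html, attachment):  # constructed message, not a real email
    m = EmailMessage()
    m["From"] = sender
    m.set_content(html, subtype="html")
    m.add_attachment(b"MZ", maintype="application", subtype="octet-stream", filename=attachment)
    return m.as_string()

# Constructed sample: lookalike sender; link text shows dhl.com but the href goes elsewhere.
SAMPLE = build_sample("DHL <info@dhl.com.example.net>",
    '<a href="https://dhl.com.pay.example.net/x">https://www.dhl.com/track</a>', "invoice.pdf.exe")
```

Calling `check_message(SAMPLE, "dhl.com")` reports all three problems, even though the string `dhl.com` appears in both the sender address and the link, which is why the comparison is made on the end of the host name rather than by substring.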

I hope the points I’ve presented will help you assess a message’s credibility the next time you receive one, and that you won’t encounter any more difficulties in identifying or evaluating potential threats.

Good luck! 😊
