How to Diagnose a Phishing Email

All of us have received suspicious emails in our inbox.  Some of these messages can even fool our firewalls and anti-virus software.  It is very important that we know how to decipher these messages as a second line of defence from these security attackers.  In this post, we’ll show you what to look out for and how to protect your organization. 

Interested in a downloadable copy of this article? Click here.

An Example Of A Phishing Email:

1. Hover over from email address: John.Smith@abccompany.com

  • You can see what initially appears as an email address can be altered.  You need to hover over it to see the exact source. For example, it could actually be sent by hackeremail@differentdomain.com, rather than what it appears.
  • Ask yourself: is this email coming from a real sender?

2. Hover over the link: View project online link to see what the true URL link location is.

  • Ask yourself: is this is a trusted site?  Would the sender send me this email to direct me to another site? Is the domain trustworthy?

3. Be wary of links: “click here“, “your message is waiting“, “view project online“, these links are usually sending us to the outside world.  These links can be altered to read something other than the real link.  

4.  Main message – use common sense defensive questions: is this sender asking for money, passwords, or access, or viewing?  Would a real sender ask me this kind of message? (for example, if a phishing email is tailored well to have the Manager’s email address, would my Manager ask me to send him Bitcoins)?

How To Defend Against Phishing

  1. Spam filtering is the first line of defence. It will determine if the majority of the messages coming in are legitimate or not. If the email is well crafted it can fool spam filtering.

  2. If the email gets delivered to your inbox, then YOU are the second line of defence

    .
  3. If you mistakenly click an email or get sent to a site with malware, firewalls, anti-virus programs and a good IT team is your final defence.

If you do click on a link, a good firewall should be able to block the virus. The content would be blocked from being opened to your local machine.

Web filtering should also be enabled on your network. For example, if the link tries to take you to a website that is located in a suspicious country it should automatically be blocked.

A good Unified Threat Management (UTM) will determine if the source of the link is a good source or one that should be blocked.

It doesn’t matter if you have a very secure system in place. It only takes one untrained staff member to be fooled by a phishing attack. Make sure that both you and your staff understand the telltale signs of a phishing attempt.

How To Protect Your Business From Phishing Attacks

Download Free eBook

  • Learn what common tactics phishers use to trick employees
  • Learn what systems you can put in place to stop them before the inbox
  • Learn how you can protect your company today

Recommended Posts