Industry Insights and the EAI Blog

Jun 26, 2018

3 Warning Signs That the Email Your looking at is Actually a Phising Attack

By Kwame Essieh

Every day thousands and thousands of phishing emails are circulating in inboxes across the world. In one particularly large attack in 2017, according to Forbes, around one million Gmail accounts received the same phishing email.

Typically, a phishing attempt aims to gather personal information about the recipient, allowing the cybercriminal to steal your identity, download malware, or access your accounts, computer, or network. While the vast majority have telltale signs that they are fraudulent, including blatant misspellings and poor grammar, others appear perfectly legitimate, especially at a glance.

However, even some of the most well-crafted phishing emails have warning signs that hint at their malicious nature. If you aren’t sure whether an email is legitimate or a phishing attack, here are three of the red flags you can typically find in even the most sophisticated attempts.

1. Mismatched URLs

Most phishing emails will have links in the body of the message. But, legitimate emails can contain links too, so simply being asked to click on a link isn’t inherently a warning sign.

However, if the embedded URL and the text used for the hyperlink don’t clearly relate to one another, then this should be treated as a red flag.

Before you click on anything in any email you receive, take your cursor and hover over the link. If you use Outlook or Gmail, this will reveal the hyperlinked address. If the address you see doesn’t match the link displayed or connect to a logical destination, such as the sender’s website, then it’s probably fraudulent.

2. Misleading Domains

Many phishing attacks rely on the fact that many people aren’t familiar with DNS naming structures, or how domain URLs are put together. Typically, child domains of legitimate pages will begin with the name of the subpage followed by the primary domain.

For example, subpage.mainwebsite.com is an appropriate structure in many cases. But mainwebsite.com.unfamiliarwebsite.com is not a legitimate part of mainwebsite.com’s domain.

Similarly, mainwebsite.subpage.com isn’t a proper structure either, as, in this case, subpage.com is actually the domain in use, not mainwebsite.

If you hover over a link and see an odd structure to the URL, don’t click it. There’s a strong chance that it is a phishing attempt.

3. Direct Threats

Many phishing attacks rely heavily on scare tactics. They want you to believe that, if you don’t click the link, something horrible is going to happen.

Typical threats used in phishing attacks include saying your account will be closed, your assets will be seized, or that government or law enforcement officials will arrest you. If you see a threat that appears to be unreasonable, don’t click any links as they are likely malicious.

If you feel like you need confirmation that nothing is wrong, contact the organization that seems to have sent the email directly. Don’t use any phone numbers or addresses listed in the message. Instead, look these up yourself by heading to their actual site or look the information up through a search engine, ensuring you aren’t connected to a scammer.

By taking the time to examine the points above, you can decrease your odds of falling victim to a phishing attack. However, if even those aspects seem legitimate, if you are suspicious, it’s always wise to contact the organization directly using the technique above. Ultimately, it’s better to be safe than sorry, so take the time to be certain before you click on any link.