Approximately one billion malicious spam emails are sent every day. Whilst some of these messages can be easily identified as untrustworthy, socially engineered emails continue to become more sophisticated in appearance and malicious in content. Below are tell-tale signs and characteristics of a phishing email.
1. The email makes unrealistic threats or demands.
Intimidation has become a popular tactic for phishing artists. Phrases such as ‘urgent action required’ or ‘your account will be closed’ are common, unrealistic threats associated with phishing emails.
2. There’s a catch.
The recurring trend of a phishing email is that eventually there will be a catch, for example you may be asked to send money for expenses or fees. This is an immediate sign that the email is fraudulent.
3. Poor spelling and grammar.
The majority of socially engineered emails disguise themselves as a well-known company e.g. PayPal, Apple, Facebook etc. However, these sorts of emails are usually littered with poor grammar and spelling errors. This is indicative of a fraudulent email as a multimillion-dollar company would not distribute an email that is incohesive.
4. A mismatched or dodgy URL.
A study by the ABS concludes that 30% of people click links in untrustworthy emails despite knowing it was most probably malicious. To check whether an embedded link in an email is trustworthy, hover your mouse over it, if the hyperlinked address is not concurrent with the embedded link then it is most likely malicious.
5. You are asked for sensitive information.
Regardless of the sender, you should be highly suspicious of any email that requires you to disclose sensitive information such as credit card details or passwords.
Most recently, emails impersonating Bank of America employees were attempting to extract sensitive information from bank users. Any email asking you to send through information that could be compromised is most likely to be fraudulent.
What can I do to prevent this?
As an individual…
Be aware of the characteristics of a phishing email and if you do receive one report it to the Australian Federal Police or www.scamwatch.gov.au
As a business…
Let us know what you thought of our article below.