Phishing & Malicious Email Characteristics
Approximately one billion malicious spam emails are sent every day. Whilst some of these messages can be easily identified as untrustworthy, socially engineered emails continue to become more sophisticated in appearance and malicious in content and continue to cause havoc for tech companies in Sydney. Below are tell-tale signs and characteristics of phishing attacks seen by Small Businesses.
1. The email makes unrealistic threats or demands.
Intimidation has become a popular tactic for phishing scams. Phrases such as ‘urgent action required’ or ‘your account will be closed’ are common, unrealistic threats associated with phishing messages.
2. There’s a catch.
The recurring trend of a phishing campaigns email is that eventually there will be a catch, for example you may be asked to send money for expenses or fees. This is an immediate sign that the email is fraudulent.
3. Poor spelling and grammar.
The majority of socially engineered emails disguise themselves as a well-known company e.g. PayPal, Apple, Facebook etc. However, these sorts of emails are usually littered with poor grammar and spelling errors. This is indicative of a fraudulent email as a multi billion-dollar company would not distribute an email that is in-cohesive.
4. A mismatched or dodgy URL.
A study by the ABS concludes that 30% of people click links to fake website in untrustworthy emails despite knowing it was most probably malicious. To check whether an embedded link in an email is trustworthy, hover your mouse over it, if the hyperlinked address is not concurrent with the embedded link then it is most likely malicious and going to a phishing website.
5. You are asked for sensitive information.
Regardless of the sender, you should be highly suspicious of any email that requires you to disclose sensitive personal information such as credit card numbers, account numbers or passwords.
Most recently, spear phishing emails impersonating Bank of America employees were attempting to extract sensitive information from bank users. Any email asking you to send through information that could be compromised is most likely to be fraudulent and somebody trying to gain access attempting to steal sensitive data.
What can I do to prevent this?
 As an individual…
Be aware of the characteristics of a phishing email and if you do receive one report phish it to the Australian Federal Police or contact Scamwatch
Maintaining vigilance in all online interactions is the best coarse of action regardless of whether that’s by email or instant messaging. Check the email address, phone number, and text message for validity to prevent identity theft.
As a business…
Milnsbridge specialise in Managed IT Security for businesses, we have a managed spam filtering system which on average filters 13,000 emails containing spam, anti phishing, malicious attachments or blocked content daily.
If you are concerned about your cyber security, talk to Milnsbridge Managed IT Services today by calling us on 1300 300 293.
Let us know what you thought of our article below.