What is Email Phishing?


Phishing is the attempt to obtain sensitive information such as usernames, passwords and credit card details (and, ultimately, money) by posing as a trustworthy entity in an electronic communication.


Phishing emails may also contain links to websites that distribute malware, or carry the malware as an attachment.


There are two kinds of email phishing you need to deal with:

  1. Phishing emails that arrive in your mailbox
  2. Phishing emails that go out in your name (sent from a compromised account, or with your address spoofed as the sender)


You need to know how to protect yourself, your users and your business from phishing.




Identifying Phishing Emails


Phishing groups and hackers constantly change their patterns to improve both their targeting and the effectiveness of their emails, but most phishing emails still share a few recognisable characteristics.



Let's take a look at the email below, which claims to come from ABSA Bank, as an example:




  • The "From" domain and the Return-Path domain do not match

If the two do not match and the Return-Path domain looks random or has nothing to do with the sender, there is a good chance you are looking at a phishing email. (Legitimate bulk senders sometimes use a separate bounce domain for the Return-Path, so judge it on whether it plausibly belongs to the sender, not on the mismatch alone.)

To check this, hover over the sender's name to reveal the actual From address, or view the message source to read the raw headers, which include the Return-Path header.


For example, the From address you see can be something like accounts@absa.co.za while the Return-Path is xxxxxx@stroim-bud.ru


Example: 




  • There is an attachment

If the email requires you to download something you did not ask for, typically an HTML file, it is probably a phishing email and the file may carry malware. Almost any attachment type can be used to deliver malware.

In the example below there is an attachment of type .HTML, which on its own should raise a phishing alert.

On further investigation, the HTML attachment opened a page impersonating ABSA Bank's login portal. Had you completed the form with your credentials and clicked "Next", the scammers would have captured your online banking credentials and, in this case, redirected you to a logout page as if something had gone wrong during login.


Do not download attachments you did not ask for.


The screenshot below shows where the attachment takes you.






After you fill in your login credentials you are redirected to this page. It all looks legitimate, doesn't it? But by now the scammers have your online banking credentials.
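As an added example (not code from the original page), here is a small Python triage script that applies the two checks above, the From versus Return-Path domain comparison and the unsolicited-attachment check, to a raw message. The sample message is constructed for this example: its From and Return-Path domains are the ones quoted above, while the bounce mailbox, subject and body text are invented, and the set of risky attachment extensions is an assumption to adapt to your own environment. It goes one step beyond the text by treating a Return-Path under a subdomain of the From domain (a common bounce-handling setup) as a match rather than a mismatch.

```python
import os
import email
from email import policy
from email.utils import parseaddr

# Constructed sample message, modelled on the phish described above. The
# From and Return-Path domains are the page's own examples; the bounce
# mailbox, subject and body text are invented for this example.
SAMPLE_EML = """\
Return-Path: <bounce-4471@stroim-bud.ru>
From: ABSA Bank <accounts@absa.co.za>
To: customer@example.com
Subject: Your statement is ready - please review within 24 hours
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

Your statement is now in easy to access PDF format. Open the attachment to view it.

--b1
Content-Type: text/html; name="statement.html"
Content-Disposition: attachment; filename="statement.html"

<html><body><form action="https://stroim-bud.ru/login">...</form></body></html>

--b1--
"""

# Attachment types that run code or render a form when opened. This list is
# an assumption for the example; tune it to what your users legitimately receive.
RISKY_EXTENSIONS = {".html", ".htm", ".hta", ".js", ".vbs", ".exe", ".scr", ".lnk", ".iso"}


def address_domain(header_value):
    """Lower-cased domain of the address in a From/Return-Path header ('' if none)."""
    _, addr = parseaddr(str(header_value or ""))
    return addr.rpartition("@")[2].lower()


def same_sending_domain(from_domain, return_domain):
    """True if the Return-Path domain is the From domain or a subdomain of it
    (e.g. bounce.absa.co.za for absa.co.za)."""
    return return_domain == from_domain or return_domain.endswith("." + from_domain)


def triage(raw_message):
    """Return a list of human-readable findings for one raw RFC 5322 message."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    findings = []

    # Check 1: the visible From domain versus where bounces actually go.
    from_domain = address_domain(msg["From"])
    return_domain = address_domain(msg["Return-Path"])
    if from_domain and return_domain and not same_sending_domain(from_domain, return_domain):
        findings.append(
            f"From domain '{from_domain}' does not match Return-Path domain '{return_domain}'"
        )

    # Check 2: attachments of a type that should not arrive unannounced.
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        ext = os.path.splitext(name)[1].lower()
        if ext in RISKY_EXTENSIONS:
            findings.append(f"unsolicited attachment '{name}' of risky type {ext}")

    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_EML):
        print("FLAG:", finding)
```

Run it against a saved .eml file by reading the file into triage(); on the constructed sample it reports both the domain mismatch and the .html attachment. A Return-Path that is merely a different domain is not proof on its own, which is why the script only reports the mismatch as a finding for a human to weigh rather than as a verdict.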







  • There is a sense of urgency

The email demands that you "act soon" or it will cost you money. This sense of urgency is designed to make you react before you think.

Take a breath before acting on any email that looks really important.


Example:



  • Links on the page go to a different domain

Often a phishing email includes a link to click. The goal is to get you to click without suspicion so the attackers can continue the con and capture your information when you try to log in to their fake website.

Always check links before clicking them: hover over the link (on a touch device, long-press it) and make sure the URL it actually points to is not suspicious.


For example, if the link text says "facebook" but hovering shows "https://thisisfake.com", you know it is a phishing attempt.
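As an added example, not code from the original page, the following Python script does the hover check mechanically over an HTML email body: it pulls out every link, compares the host shown in the visible text (or a brand name mentioned in it) with the host the href actually points to, and also flags links that go to a bare IP address. The HTML body, the IP address and the brand-to-domain table are constructed for this example; thisisfake.com is the page's own illustration. The registrable() helper is a deliberately crude stand-in for a public-suffix lookup.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed HTML body for this example. thisisfake.com is the page's own
# illustration; the other links and the IP address (a TEST-NET range) are made up.
SAMPLE_HTML = """
<p>Please <a href="https://thisisfake.com/login">log in to facebook</a> to continue.</p>
<p>Your statement: <a href="http://203.0.113.7/absa/">https://www.absa.co.za/</a></p>
<p>Help centre: <a href="https://www.absa.co.za/help">www.absa.co.za/help</a></p>
"""

# Brand names a reader would recognise in link text, and the domain each one
# really uses. An assumption for this example; extend it for the brands you care about.
BRAND_DOMAINS = {"facebook": "facebook.com", "absa": "absa.co.za"}

HOST_RE = re.compile(r"(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})", re.I)
IP_RE = re.compile(r"\d{1,3}(?:\.\d{1,3}){3}")


class LinkCollector(HTMLParser):
    """Collect (visible text, href) for every <a> element, in document order."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None


def registrable(host):
    """Crude registrable-domain guess: the last two labels, or the last three when
    the suffix looks like co.za / com.au. An assumption for this example; use a
    public-suffix list (e.g. the tldextract package) in real tooling."""
    labels = host.lower().split(".")
    if len(labels) >= 3 and len(labels[-1]) == 2 and len(labels[-2]) <= 3:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


def check_links(html):
    """Return (text, href, reason) for each link whose target disagrees with what it shows."""
    collector = LinkCollector()
    collector.feed(html)
    findings = []
    for text, href in collector.links:
        actual = (urlparse(href).hostname or "").lower()
        if not actual:
            continue  # mailto:, relative or malformed href; nothing to compare against
        if IP_RE.fullmatch(actual):
            findings.append((text, href, f"link goes to a bare IP address {actual}"))
            continue
        shown = HOST_RE.search(text)
        if shown and registrable(shown.group(1)) != registrable(actual):
            findings.append((text, href, f"text shows {shown.group(1)} but link goes to {actual}"))
            continue
        for brand, brand_domain in BRAND_DOMAINS.items():
            if brand in text.lower() and registrable(actual) != brand_domain:
                findings.append((text, href, f"text mentions '{brand}' but link goes to {actual}"))
                break
    return findings


if __name__ == "__main__":
    for text, href, reason in check_links(SAMPLE_HTML):
        print(f"FLAG [{text}] -> {href}: {reason}")
```

On the constructed body the script flags the "facebook" link that really goes to thisisfake.com and the statement link that shows an absa.co.za URL but points at an IP address, while leaving the genuine help-centre link alone. Comparing registrable domains rather than full hostnames is what lets www.absa.co.za and absa.co.za agree without also accepting absa.co.za.thisisfake.com.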





  • Validity 

Phishing emails like the one in the example look legitimate, as if they were sent by the bank or institution they impersonate. The logos look right, the fonts and colour scheme match the emails you normally receive, and some of the wording is lifted straight from genuine emails. Read more closely, though, and you find spelling mistakes, grammatical errors or other signs that the writer was not a native English speaker. Notice also that the email says "Your statement is now in easy to access PDF format", yet the attachment is an HTML file. A mismatch like that between what the email promises and what it actually carries is a red flag and should always be treated as a phishing attack.



Protect yourself against Phishing emails


Follow these steps to protect yourself:


1. Share personal information only over the phone (on a call you placed yourself) or on secure (https://) websites you navigated to yourself, never through a link in an email.

2. Do not click on links, download files or open attachments in emails from unknown senders.

3. Never email personal or financial information, even to someone you know well.

4. Beware of links in emails that ask for personal information.

5. Beware of pop-ups:

   • Never enter personal information in a pop-up screen.

   • Do not click on links in a pop-up screen.

6. Protect your computer with a firewall, spam filters, anti-virus and anti-spyware software.

7. Check your online accounts and bank statements regularly.