How to tell the difference between a phishing email and a real one?

Today it is often easier to trick a person than the technology around them. Social engineers have plenty of experience deceiving people, including senior specialists and heads of departments. How do you stay as alert as possible?

Imagine, you receive an email — 40 seconds will be enough to check it:

Look at the sender's address and ask whether you have any relationship with this organisation. Have you ever contacted it? If, for example, the email claims to come from a bank where you hold no account, just close it and delete it.

An email might look "official": there is a named sender, a confidentiality notice and an employee's signature. But the request to follow a link, and the link itself, are suspicious, and when you hover the mouse pointer over it you see a completely different address from the one displayed.

That alone is enough to conclude the email is fake. The attachment should also raise suspicion if it is tiny (276 bytes in this case). A genuine document containing even a single word is many times larger; a "document" of a few hundred bytes is more likely a script, a shortcut or a redirect that fetches the real payload.

The next thing to check is the phone number in the signature. Search for the number online and you will probably find reports from people who have already been targeted.

The 40 seconds are up: delete the email and warn your colleagues.

An overall to-do list:

1. Doubt everything. The sender's address can be forged. Weren't expecting an email? That is reason enough to assess it critically and be as paranoid as an information security specialist would be.

2. Check the language of the content. Phishing is an international problem, but not every scammer writes other languages fluently or pays for professional translation, so clumsy wording is a warning sign.

3. Pay attention to the sender. Is it a company you know? Does it exist at all? Is the signature genuine: the phone number, physical address, legal form of the company, and so on?

4. Don't hesitate to ask in order to make sure. Call the company that supposedly sent the email, using a number from its official website rather than the one in the email, and confirm whether they actually contacted you. It is completely fine to be suspicious, especially when the email carries strange attachments or links to follow.

5. Don't click a strange-looking link. It is probably an attack. Hover the pointer over it to see the real address it leads to. A couple of changed letters in a domain name will not look like an obvious scam, which is exactly why close attention matters.

6. Don't open an attachment you don't trust. Free online services such as virustotal.com will scan the file with dozens of antivirus engines at once. Bear in mind that anything you upload is shared with the service's security community, so check the file's hash first and don't upload documents that may contain confidential data.

7. Don't shun antivirus software. Many popular products check not only your PC but your email as well; don't disable that function, and pay attention to the warnings it gives you.
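Checks 1, 3, 5 and 6 above can be automated for a first-pass triage of a saved message. The following Python script is an added example (not from the original article): it parses a raw .eml, compares the From domain with the Reply-To and Return-Path domains, compares each link's visible text with where its href really points, and flags "document" attachments that are implausibly small. The sample messages, the reserved example domains, the 4096-byte threshold and the crude two-label domain comparison are all assumptions made for illustration.

```python
"""Offline triage of a suspicious email (added example, not the article's code).

Automates the manual checks: sender vs. envelope/reply domains, visible link
text vs. real href, and implausibly small "document" attachments. Domain
names, thresholds and the sample messages are constructed for illustration.
"""
import email
import email.policy
from email.message import EmailMessage
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: a real .docx/.pdf with any content is well above this size; a
# few hundred bytes is more likely a script, a shortcut or an HTML redirect.
MIN_PLAUSIBLE_DOC_BYTES = 4096
DOCUMENT_EXTENSIONS = (".doc", ".docx", ".pdf", ".xls", ".xlsx")


class _AnchorCollector(HTMLParser):
    """Collect (href, visible text) pairs from an HTML body."""

    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href", ""), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def host_of(text):
    """Hostname of a URL or bare 'host/path' string, lowercased; '' if none."""
    text = text.strip()
    if "://" not in text:
        text = "http://" + text
    return urlparse(text).hostname or ""


def registrable_domain(host):
    """Crude eTLD+1 (last two labels); a real tool would use the public suffix list."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def _domain_of_header(msg, name):
    addr = parseaddr(str(msg.get(name, "")))[1]
    return registrable_domain(addr.rpartition("@")[2]) if "@" in addr else ""


def analyze_message(raw_bytes):
    """Return a list of findings for a raw RFC 5322 message; empty means nothing flagged."""
    msg = email.message_from_bytes(raw_bytes, policy=email.policy.default)
    findings = []

    # 1. Sender: From is trivially forged, so compare it with the Reply-To and
    #    Return-Path domains, which have to lead back to the attacker.
    from_dom = _domain_of_header(msg, "From")
    for hdr in ("Reply-To", "Return-Path"):
        dom = _domain_of_header(msg, hdr)
        if dom and dom != from_dom:
            findings.append(f"{hdr} domain {dom} differs from From domain {from_dom}")

    # 2. Links: the address the user sees versus where the href really goes.
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            collector = _AnchorCollector()
            collector.feed(part.get_content())
            for href, text in collector.links:
                shown = host_of(text) if "." in text and " " not in text else ""
                if shown and registrable_domain(shown) != registrable_domain(host_of(href)):
                    findings.append(f"link text shows {shown} but points to {host_of(href)}")

    # 3. Attachments: a "document" of a few hundred bytes cannot be a document.
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        size = len(part.get_payload(decode=True) or b"")
        if name.lower().endswith(DOCUMENT_EXTENSIONS) and size < MIN_PLAUSIBLE_DOC_BYTES:
            findings.append(f"attachment {name} is only {size} bytes")
    return findings


def _build(from_addr, return_path, href, link_text, attachment):
    """Constructed sample message; all addresses use reserved example domains."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = from_addr, "you@corp.example", "Invoice 4471"
    m["Return-Path"] = return_path
    m.set_content("Please see the attached invoice.")
    m.add_alternative(f'<p>Your invoice is overdue: <a href="{href}">{link_text}</a></p>', subtype="html")
    m.add_attachment(attachment, maintype="application", subtype="octet-stream", filename="Invoice_4471.docx")
    return m.as_bytes()


def phishing_sample():
    return _build("Accounts <invoices@acme-bank.example>", "<bounce@mail-relay.invalid>",
                  "http://acme-bank-secure.invalid/login", "https://acme-bank.example/invoice",
                  b"\x00" * 276)  # 276-byte "document", as in the article's example


def benign_sample():
    return _build("Accounts <invoices@acme-bank.example>", "<invoices@acme-bank.example>",
                  "https://acme-bank.example/invoice", "https://acme-bank.example/invoice",
                  b"PK" + b"\x00" * 20000)  # plausible document size


if __name__ == "__main__":
    for finding in analyze_message(phishing_sample()):
        print("FLAG:", finding)
```

Run against the constructed phishing sample it reports all three problems (mismatched Return-Path, a link whose text and target differ, a 276-byte "document"); the benign sample produces no findings. An empty result does not mean the email is safe: the script only automates the quick visual checks, and the call-back check in item 4 still has to be done by a person.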

If a phishing email reaches your corporate address, it has probably reached your colleagues too. Report it to your system administrators and information security team.

Business email compromise (BEC) is one of the most common forms of phishing. The attacker's goal is to win the user's trust so that the user does the work: installs the malware, makes the payment or sends the confidential details.

The sender may pose as a subcontractor, and both the stated purpose of the email and the style of communication look plausible. The giveaway is that the message demands rather than asks: "follow this link", "download the archive/document", "pay now, the invoice is about to expire".

This is the hallmark of a BEC email: its subject is a subsidy or grant that must be paid out, a regulatory requirement about financial terms, a request from a former employee, anything that convinces the target the attacker genuinely knows the business being discussed.

Leading Analyst at , I’m here to address those human factor risks many businesses often neglect or aren’t even aware of