Sunday, December 16, 2018

10 Tips on How to Identify a Phishing Email

The more cautious you are, the more informed you are, and the more you think before you click, the better protected you will be against phishing.

"Phishing" is the term used for a popular method of hacking in which personal information can be stolen through an e-mail, a fraudulent website and/or fake forms.
For example, a hacker may attempt a phishing attack by disguising an email as a legitimate one from your bank.

A Gartner study says "95% of digital attacks start with phishing." Given this scenario, it is essential to understand this attack and how to protect yourself, so we have put together some tips on how to identify a phishing email attack.


The phishing email is a type of scam that uses technological mechanisms, usually based on messages, to persuade and deceive people, with a specific goal that varies from attack to attack.
Phishing attacks today have increased in complexity and size. Another class of attack, called spear phishing, differs from traditional methods because it consists of more targeted attacks carried out in the form of a campaign.

The Verizon Data Breach Investigations Report (DBIR) 2016 shows that an incredible 30% of users opened the phishing emails and, even more worrisome, about 12% opened the attachments. With that in mind, we've listed some simple yet essential tips to pay attention to when reading your emails.

HOW TO IDENTIFY A PHISHING E-MAIL

1. VIEW THE SENDER'S EMAIL ADDRESS
One of the favorite phishing tactics among cybercriminals is to fake the sender's name. This is a problem because many inboxes show only the sender's name in the "From:" field, and at first glance we suspect nothing. Check the actual address of the sender and, if it looks suspicious, do not open the message!

2. PAY ATTENTION TO THE LINKS!
Hover over all the links in the body of the email. If the link address seems strange, do not click it. If you want to verify the link, open a new window and enter the site address directly. Suspicious links are a strong indication of a phishing attack.

3. LOOK FOR MISSPELLINGS
Companies often use email as a form of communication and therefore pay close attention to messages sent to customers. Legitimate messages usually do not contain massive misspellings or grammar errors. Read your emails carefully.

4. ANALYZE HOW THE MESSAGE IS ADDRESSED TO YOU
If the email addresses you vaguely, as "dear customer," stay alert! Companies often use a personal greeting with your first and last name.

5. DOES THE E-MAIL REQUEST PERSONAL INFORMATION?
This is another clue that the email is, in fact, malicious. Legitimate companies and banks do not, under any circumstances, request personal information through e-mails. So do not give it out!

6. BE WARY OF EMAILS WITH URGENCY OR THREATENING TONE IN THE SUBJECT
Creating a sense of urgency or fear is a typical phishing tactic. Be careful about emails that claim that your account has been suspended or that your account has had an "unauthorized login attempt."

7. THE SIGNATURE CAN SAY A LOT ABOUT THE INTENT OF THE EMAIL
The lack of detail about the sender or how you can get in touch with the company says a lot about the intent of the email. Legitimate companies always provide contact details.

8. DOES THE EMAIL HAVE UNSOLICITED ATTACHMENTS?
This is one of the most common phishing tactics and may indicate an attack. Malicious attachments contain malware that gives the hacker access, and they are one of the main vectors of other cyber attacks. So do not click on any attachments you were not expecting.

9. REPUTATION OF IP
You can quickly identify the IP address of the e-mail sender and then check its reputation on Sender Score, the Return Path website. This tool reveals a score (0-100) that will give you some insight into the sending and performance history of sending IPs. The lower the score, the lower the reputation and the greater the chance that the email is a phishing or spoofing attempt.

10. AND, FINALLY, DO NOT BELIEVE EVERYTHING YOU SEE
Just because an email has a convincing logo, language, and an apparently valid email address does not mean it's legitimate. Be very critical when it comes to your emails. If it seems even minimally suspicious, do not open it!
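
Tips 1, 2 and 9 can also be checked mechanically on the raw message. The following Python code is an added example, not part of the original post; the sample message, its domains and IP address, and the `trusted_domain` parameter are constructed assumptions.

```python
import email, re
from email import policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse
# Constructed sample message; all names, domains and the IP are made-up example values.
RAW = """\
Received: from mail.example.net (mail.example.net [203.0.113.45])
\tby mx.recipient.example with ESMTP; Sun, 16 Dec 2018 10:00:00 +0000
From: "Your Bank Support" <alerts@yourbank-secure.example.net>
Content-Type: text/html; charset="utf-8"

<p>Dear customer, <a href="http://login.example.net/verify">https://www.yourbank.example/login</a></p>
<p><a href="https://www.yourbank.example/help">Help center</a></p>
"""

class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def analyze(raw, trusted_domain):
    """trusted_domain (assumption): the domain the claimed sender really uses."""
    msg = email.message_from_string(raw, policy=policy.default)
    # Tip 1: judge the real address, not the display name shown in the inbox.
    name, addr = parseaddr(str(msg["From"]))
    dom = addr.rpartition("@")[2].lower()
    mismatch = not (dom == trusted_domain or dom.endswith("." + trusted_domain))
    # Tip 2: a link whose visible text names one host while its href goes to another.
    body = msg.get_body(preferencelist=("html",))
    col = LinkCollector()
    col.feed(body.get_content() if body else "")
    bad = [(t, h) for h, t in col.links if "." in t and " " not in t
           and urlparse(t if "://" in t else "//" + t).hostname != urlparse(h).hostname]
    # Tip 9: bracketed IPs from Received headers (most recent hop first), for a manual lookup.
    ips = [ip for hdr in msg.get_all("Received", [])
           for ip in re.findall(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]", str(hdr))]
    return {"display_name": name, "address": addr, "sender_mismatch": mismatch,
            "mismatched_links": bad, "received_ips": ips}
```

Only the `Received` header added by your own mail server is reliable; hops listed below it can be written by the sender.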

CONCLUSION

Hackers are getting stronger and stronger. Where before they just wanted to invade systems, today they attack the human element, using phishing attacks to target individuals and gain access to personal networks or systems.

According to a research company based in the United States, the cost of cybercrime is expected to reach $6 trillion per year by 2021 - double the $3 trillion in 2015. The information is part of the 2016 Cybercrime Report, a study released by Cybersecurity Ventures.

According to the same study, 90% of executives say they are not prepared to deal with large-scale cyber attacks. In 2016, the hacker group AnonSec invaded several servers on different NASA networks through a single computer infected by phishing. More than 270GB of data was stolen, including sensitive information from the agency.

It's clear that we need to be prepared to identify phishing emails, so including these little tips in your day-to-day life can make a big difference.
