You probably already understand how damaging a phishing email can be, especially if you run a business. If you or one of your team is tricked, you may find your network infected with anything from viruses to ransomware, and you may suffer significant costs as a result.
Unfortunately, phishing emails are becoming far more sophisticated; no more can you depend on the promises of a deposed Nigerian prince to tip you off that’s something is wrong. Nevertheless, there are still some common red flags, and it’s well worth taking the time to learn them.
Do Hyperlink Addresses Look Dodgy?
People are commonly fooled by anchor text – the words that form the clickable text of a hyperlink. If the anchor text seems legit, you might just click the link without checking where it goes. Instead, hover your cursor over the hyperlink until the actual web address comes up below. Phishing emails will typically use dodgy domain names that either look similar to a real address or completely random.
Is the Email Address Suspect?
Next, check the email address. Phishing emails can easily set the name of their accounts as ‘Lloyds Bank’ or ‘HMRC Tax Services’ in order to trick people. However, they won’t be able to send those emails from legitimate email addresses, so check the actual address of the sender instead of their given name. You’ll often find that a phishing email will be sent from a completely random email address.
Was the Email Sent at an Odd Time?
Most phishing emails take the shotgun approach – they send out as many emails as possible, hoping that one or two people will take the bait. This means that emails are often send out en masse at slightly odd times. If an email was sent at 2.44am instead of during normal business hours, you should be careful.
Are You Being Baited?
At the end of the day, a phishing email is only as good as its hook. To do its job, a phishing email has to make you take some kind of action – usually clicking a link or opening an attachment. Not all links and attachments are cause for concern, but you should be on alert if an email is trying to entice you to take a certain action. It’s common for something of value to be offered, although some emails may promise to help you avoid a negative consequence.