How to figure out if an email is genuine or “phish-y”
We have all gotten those messages. The ones that state we’ve won the lottery despite never buying a ticket, or that some unknown relative has left us a great fortune, or the ever prominent one where a Nigerian Prince threatens to split his inheritance with us and all we need to do is give up some information. We just need to click a link, send the person on the other end our bank account information, or input our social security number to get rich quick, right? Unfortunately, whenever you do this, you may find that instead of your bank account growing, it is instead dramatically thinned out. Even worse, attackers could get access to something even more valuable: your data. These types of emails are a common type of email scam called ‘phishing’ where attackers pretend to be someone else and ask for your information. Whenever you give the information out, it gives the attackers a way to get into your private data and your bank account. Even for people who are experienced in the ways of the internet, phishing attacks can be difficult to detect as attackers make more and more efforts to trick us.
Thankfully, all phishing attacks have a few red flags in common that you can train yourself to identify, and with a bit of practice, you can keep yourself and your data safe from attacks.
How Phishing Works
Phishing works whenever an attacker pretends to be someone you would trust, trying to get you to open a link. For example, you might get a strange email from someone pretending to be your bank, a workmate, or a business you frequent. They will then ask you to click on a link or perform an action in the email.
Whenever you do, the attack can install malware onto your computer, steal funds or make charges to your credit card, or even steal your identity. Phishing is also very dangerous for companies, because a phishing attack that gets through employees can get through security and other safeguards.
This can be the opening to a larger data attack that can compromise the company’s information, leak hidden data, and can put everyone at risk. So no matter what, it’s important that you know how to detect these phishing scams and how to defend yourself against them.
What Most Phishing Attacks Have In Common
It is very understandable to be worried about phishing attacks. They can cause devastation to individuals and companies alike. However, most phishing emails or texts have a few things to watch for that most phishing attacks have in common.
1. “Phish-y” Email Addresses
One thing that may tip you off that an email is not legitimate is an email address that does not match the expected sender. If the email claims it is from a legitimate company but does not come from an email address associated with that company, it should be cause for concern. Most attackers cannot gain access to a legitimate company email and simply hope that the recipient takes them at their word. You can check the email against legitimate emails from the same company to further see the differences. Keeping an eye out for ‘phish-y’ email addresses is a great way to prevent most attacks.
2. Spelling and Grammar
Another way to detect a phishing attack is to examine the contents of the email. Phishing and scam emails tend to have worse grammar and spelling and have awkward sentence structure. If it looks like the email should be run through a spellchecker, you might want to consider that it isn’t legitimate.
Additionally, the email might have inconsistent and informal wording. For example, the email could use phrases that are not common in the workplace or business environment. The word ‘dear’ or other informal language from someone you don’t have a casual relationship with is also a red flag.
3. Sense of Urgency
Phishing emails will often require you to perform an urgent action and try to get you to panic: You need to log into your account now, claim the money now, and click on the link now. A common tactic is to state that your account has been hacked, and you must log in immediately to change the password. This is done so that people do not have time to think about their actions and will take steps they wouldn’t usually take if they had time to consider. Most legitimate emails will not require such urgency.
4. Too Good To Be True
Finally, many phishing emails are too good to be true. Any emails offering money, or expensive items for free, are almost always too good to be true, especially if they are asking for personal information in return. No legitimate company will ask for your social security number or account credentials in exchange for a free set of Airpods. Trust your gut, and don’t be afraid to report the email to your IT team and move on.
Who Is At Risk?
Everyone is at risk for phishing attacks, whether you are an individual on a personal device or part of a company, because phishers and data scammers cast a very wide net. They send out thousands of emails to thousands of people, confident that no matter what, someone somewhere is going to fall for their scam and give them access.
Whether you are a normal person or the CEO of a big company, no one is immune to getting these emails. Often, people working either at the bottom rung of companies are good targets because they are gatekeepers to their internal workings and often aren’t trained to recognize phishing emails.
What To Do If You Are A Victim
Sometimes accidents happen, and you slip up and get caught on the hook of a phishing attack. If you are a victim, here are some of the things you can do to keep yourself safe and prevent an attack like this from happening again.
Phishing Recovery As An Individual
One of the first things you will need to do is take a deep breath. Phishing attacks often rely on the urgency to get you to do something, such as entering a password before a 24-hour time limit is up. However, continuing to be reactive is precisely what the attacker is hoping for. Often, it prevents you from taking the steps needed to mitigate the damage.
First, record everything. If you entered your email or password into a scam webpage, record exactly what you entered, try to take screenshots, and do whatever you can to gather information. If you have downloaded a dangerous attachment, instantly turn off your Wi-Fi and disconnect from the internet. You might be able to prevent the virus or the attacker from getting a firm grip on your computer and all your data.
Then change your passwords for all the affected accounts and any other accounts that might have the same password. You should also change your security questions, recovery emails, and anything else that helps you get into the account. Then make sure to scan your computer to remove any viruses, either by using software or by working with an expert who can professionally clean your drives.
Finally, take the time to keep an eye on your bank or email accounts. If the scammers are making moves with your data, you’ll be able to see and report it. If your identity has been stolen, reach out to the Federal Trade Commission or Credit Reports to mitigate the damage.
Phishing Recovery As A Company
If a company is recovering from a phishing attack, it can take a while to sift through everything and see what has been stolen, affected, or exposed. The first thing to do is disconnect the affected device from the internet and the network. You don’t want an infected device causing problems for your entire network, so isolating the virus is the first step. Additionally, if you logged into a fake website, make sure to go to the actual website and change the credentials.
If you have a Managed Service Provider, you should immediately report the attack to them. They can help with your data recovery, and help you figure out your next steps. Your company will also need to report the attack to the Federal Trade Commission. Finally, scan the affected device for malware and try to determine how much damage it can do.
Moving Forward After A Phishing Attack
Whether you are a company or an individual, recovery from a phishing attack can be done. You just need to make sure that you have learned from the attack, are more cautious when opening and interacting with emails, and work on prevention. Keeping your emails safe with programs and other defensive measures is crucial to preventing phishing attacks from getting you on their hook again.
Implementing Multi-Factor Authentication is one of the best ways to mitigate the effects of phishing attacks. Multi-Factor Authentication gives you an extra layer of security if an attacker gains access to your credentials through a phishing attack, and may prevent them from being able to use those credentials to access your accounts.
For example, a website might ask for your username and password, but it will also text a numerical code to your phone if MFA is implemented. Hopefully, a phishing attacker doesn’t have access to your phone, so you would be able to get into the website while the attacker wouldn’t be. Having two or more steps to your verification will be one of the easiest ways to prevent hackers from getting into your data.
Recent Attacks in the News
Phishing attacks are more common than we think, and despite how much we know about them, they keep happening. Here are some of the most recent phishing attacks in 2022.
The Attack On Trezor
With everyone trying to get into cryptocurrency, it was only a matter of time before someone attacked crypto wallets. However, the popular email service, MailChimp, was compromised on March 26th, 2022, sending phishing emails to people who have cryptocurrency wallets made by Trezor.
Other cryptocurrency areas are getting attacked in a similar manner, and although the attack was found and halted, emails were exposed, and attackers were able to access data from them. The affected email owners were notified, but it still was something that shook the cryptocurrency industry to its core.
The Attack On Spokane Regional Health
On February 24, 2022, the personal information of almost 1,200 residents of Washington was exposed. An attacker accessed these clients’ medical data and protected information at Spokane Regional Health. While no social security numbers or financial data were exposed, medical information, first and last names, and other data were leaked.
The Health District stated that their staff failed to recognize a phishing scam, exposing the data and getting into the system. In order to handle these threats better and prevent this type of attack from happening again, the District is requiring extra training and communication so their employees can recognize phishing attacks.
No matter what field you are in or where you work, nearly everywhere can be vulnerable to phishing if the proper precautions and training are not taken. So making sure that everyone involved is educated about how to handle a phishing attack goes a very long way.
Needless to say, phishing attacks can be detrimental to not only businesses, but any individual who accesses emails or text messages. We must constantly be on high alert against these attackers. However, hopefully these tips will help you recognize these attempts and get you ready for when you inevitably face one of these phishing emails.
Do you have a plan in place for if you or your employees fall victim to one of these attacks? Edge Networks can help! Our Advanced Cybersecurity Plan can provide your business with employee security awareness training, phishing simulations, and even help you put a plan in place for incident response and disaster recovery. Schedule a complimentary 30-minute consultation to find out how Edge Networks can help your business.