In order to catch their victims, hackers often create a sense of urgency or fear in their emails. They may claim that an account will be deactivated unless action is taken immediately or that sensitive information is required to prevent negative consequences. Identify phishing attempts with email verification
It’s important to train employees on these common red flags and to check their own emails for them. Attackers will also spend time tailoring their phishing campaigns for specific targets (known as spear phishing). They may use public resources to collect information like a target’s job title, name or address to craft a highly convincing fake message.
Identify Phishing Attempts with Email Verification: Secure Your Inbox
Look for inconsistencies in the email’s links, addresses and domain names. For example, if an email is supposedly from Google, hovering over the link will reveal that the actual address is different. Also, be wary of misspellings and grammatical mistakes. Professional organizations take care to proofread their communications, so any mistakes should be viewed as suspicious.
Attackers may also ask recipients to perform tasks that are not normally associated with the company they say they represent. For instance, a request for the installation of software on a company computer may indicate a malicious email. Additionally, real companies will not request login credentials or payment information over email. Taking five seconds to consider an email before clicking a link or sending any information should help weed out many phishing attacks.