John went looking for a cyber forensic expert to recover lost data from his personal laptop. The data was quite important, as it related to John’s online business. Thankfully, a friend of his who had a CHFI online certification helped him retrieve it. John could have lost all that data forever due to a single mistake: he clicked on an email he was not supposed to. This led to a phishing attack that infected his computer with malware, from where things escalated quickly and put John’s data and his precious business at stake. John learned from his mistake, and so can you. Are you someone like John, who keeps clicking on strange emails? If yes, here are 7 ways to spot a malicious email.
1. Check email address:
The first clue that gives away a fake email is its email address or the sender’s address. Sometimes hackers will try to confuse you by replacing letters that resemble each other, like ‘m’ with ‘rn’ in the email address. For example, to a user, firstname.lastname@example.org can look like email@example.com and lead them to think that the email is an official email from a legitimate bank.
2. Hover over links:
If you are a regular internet user, you will know that web browsers like Google Chrome let you see a link’s address when you hover your cursor over the link. Before you click on any link in any email, always hover over it with your mouse or touchpad. Doing so will let you see where the link is going to take you. If that link address looks suspicious to you, do not click it at any cost. Just close the email, send it to spam and blacklist the sender.
3. Spelling mistakes:
Go on a spelling hunt and look for spelling errors in emails, especially if they ask you to take an action, because a legitimate email sender or official communication will not make a spelling mistake. Thus, spelling errors are one of the easiest ways to spot fake communication and email fraud.
4. Notice the tone:
If the tone of the email sounds urgent and asks you to take urgent action by instilling panic or fear in you, then beware: it could very well be a fake email, laced with malware. Usually, such emails are accompanied by a button or a link that you will be persuaded to click. For example, an email might tell you that your debit card is going to be charged for the auto-renewal of a subscription unless you click the link and cancel it within 5 hours. In such cases, it is best to confirm with your bank or the respective authority before taking any action.
5. Never enter personal information:
Legitimate businesses never ask for your passwords, PINs, account numbers and other sensitive details via email or SMS. As a general safety practice, you should never give out any of your credentials over email.
6. Check email signatures:
Official and genuine emails always contain a proper and adequate signature from the sender so that the receiver knows whom to contact and how. Make sure you keep an eye out for email signatures in all emails that ask you to open attachments or click on links.
7. Do not open attachments:
92-94% of malware is spread via emails, which is why it is always recommended to ignore email attachments from unfamiliar and untrusted sources.
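Tips 1 and 2 can be checked by a program as well as by eye. The Python below is an added example, not code from the original article: it flags a sender domain that imitates a trusted one through look-alike letters, and a link whose visible text names a different host than its real destination. The trusted domain, the look-alike table and the sample message are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

TRUSTED = {"mybank.example"}  # assumption: domains you really deal with
# Look-alike sequences folded to the letter they imitate ('rn' for 'm', tip 1).
CONFUSABLE = [("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l")]

def skeleton(domain):
    for fake, real in CONFUSABLE:
        domain = domain.replace(fake, real)
    return domain

def lookalike_of(domain):  # trusted domain that `domain` imitates, or None
    d = domain.lower()
    return next((t for t in TRUSTED if t != d and skeleton(t) == skeleton(d)), None)

class LinkCollector(HTMLParser):  # records (visible text, href) per <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

def check_email(raw):  # warnings for a raw single-part HTML message
    msg, findings = message_from_string(raw), []
    domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    if hit := lookalike_of(domain):
        findings.append(f"sender domain {domain} imitates {hit}")
    collector = LinkCollector()
    collector.feed(msg.get_payload())
    for text, href in collector.links:
        target = (urlparse(href).hostname or "").lower()
        shown = re.search(r"[\w-]+(?:\.[\w-]+)+", text.lower())
        if shown and target != shown[0] and not target.endswith("." + shown[0]):
            findings.append(f"link shows {shown[0]} but goes to {target}")
    return findings

# Constructed sample message, not taken from a real campaign.
SAMPLE = ('From: "My Bank" <alerts@rnybank.example>\nContent-Type: text/html\n\n'
          '<a href="http://login.rnybank.example/c">https://mybank.example/cancel</a>')
```

Calling `check_email(SAMPLE)` returns one warning for the sender and one for the link; a message from the trusted domain whose link text matches its destination returns an empty list.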
Following all the above safety practices will ensure that you never end up like John, at least not through emails. There’s a lot more to cybersecurity than following best email practices. If you are interested in the field, you should definitely give it a good look. There are plenty of cybersecurity courses that are in demand right now, like the CEH online course, which ranks among the top ten IT certificate courses in 2020.