How to Spot a Phishing Email

How to Spot a Phishing Email

It has recently been brought to the GGF’s attention that there has been an influx of phishing emails being sent as of late. The GGF would just like to clarify what a phishing email is, and how you can look out for them.

What is a Phishing Email?

It can be easy to fall victim to a phishing email, so it’s important to know what you’re looking for when you receive something that’s not quite right. 

You can detect phishing emails in a number of ways, so keep your eye out for these red flags:

• The sender is using a free public domain email, such as google mail or yahoo. While it may be common for your customers to contact you using their personal email address, it is a little more suspicious when a company uses one. It’s quick to check the legitimacy of an email address by typing the company’s name into a search engine – before cross-checking the email domain against the website’s URL. 

• The domain has spelling mistakes. Anyone can purchase a domain name, so make sure you’re looking closely and reading the domain correctly.

• Make sure the email isn’t poorly written. It has the correct grammar, punctuation and it just makes complete sense.

• All phishing emails have one thing in common – an infected link or attachment that the scammer wants you to click on or download.

A suspicious link can be spotted if the destination address doesn’t match the context of the rest of the email. Unfortunately, many legitimate and scam emails hide the destination address in a button or image, so it’s not immediately apparent where the link goes to.

Keep Yourself Safe Online

To be safe, here’s how you can train yourself to check the link destinations before opening them.

• Hover your mouse over the link
• The destination address appears in a small bar along the bottom of the browser
• On a mobile device – hold down on the link to show the link destination.
• Never assume an unsubscribe link is safe in an email. Always hover over it with your mouse to see what the real website URL is. If the unsubscribe link is in a suspected phishing email, don’t click it — ever.  
• An infected attachment contains malware and in a typical example, the scammer claims to be sending an invoice. Once open, the document unleashes malware on the victim’s computer which could perform any number of criminal activities.

We take every precaution to ensure we are protected, but ultimately we have limited control of what we can prevent and phishing emails may occur.

It’s recommended that you contact your IT provider to check your computer is up to date with a firewall & antivirus software. You can also use an Email Security Gateway Solution that works as a filter to prevent fraudulent emails passing through.