10 tips for identifying a phishing email

In this modern-day, tech-savvy world, we would like to believe that we could never be fooled by a social engineering scam or phishing attempt. Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising oneself as a trustworthy entity via electronic communication. The reality is that it is easy to catch someone in this way.

Here are 10 tips to look out for so that you do not become another phishing statistic:

  1. Do not trust the display name – a phishing tactic is to spoof (imitate) the display name of an email to give it an air of legitimacy. If you click on the name, you will notice that the address differs from the display name.
  2. Look but do not click – hover your mouse over any links embedded in the body of the email. If something seems even remotely strange, do not click on it.
  3. Check for spelling mistakes – brands usually do not make careless mistakes. This is an easy tell. Cybercriminals also do this purposefully to target less observant users.
  4. Analyse the salutation – legitimate businesses usually use a personal salutation with your first and last name rather than a vague greeting.
  5. Beware of urgent, threatening language – this is a common strategy to create a sense of panic or to entice you to use poor judgement.
  6. Review the signature – if you cannot find the sender’s details or information on how to contact the company, this is probably a phish. Legitimate businesses always provide contact details.
  7. Do not click on attachments or links – including malicious attachments that contain viruses and malware is a common phishing tactic used to damage files on your computer, steal passwords or to spy on you without your knowledge. Do not open any email attachments that you were not expecting.
  8. Do not ever give out your personal information – legitimate companies will never ask for personal credentials via email.
  9. Consider whether you have a relationship with the company that has sent the email – if you receive a message from a company that you do not deal with, assume that this is a phishing scam and ignore it!
  10. Do not believe everything you see – phishers are good at what they do. An email may look convincing and even display the company logo, but this does not mean it is legitimate. Be sceptical! If a message makes you feel even slightly unsettled, do not open it.

By Farhad Rahaman

Edited by Jenna Delport
