Phishing emails are one of the most popular methods of getting victims to download malware that will secretly install malicious software. The aim of these emails vary depending on the scam inside. There are many different ways of distributing malicious software, from trojan malware to ransomware.
In this guide, we discuss all aspects of Phishing emails to help increase your cybersecurity.
- What are Phishing Emails
- Why are Phishing Emails Dangerous?
- How to Detect Phishing Emails
- Types of Phishing Email Scams
- Software That Detects Phishing Emails
- Phishing Email Examples
- How to Report Phishing Emails
What are Phishing Emails?
Phishing emails are the fraudulent attempt to obtain sensitive information or data, sometimes they are coercing users to enter usernames, passwords or credit card details. Other phishing emails may encourage the recipient to download malicious software.
These emails often pose themselves as credible and trustworthy entities, which helps encourage the recipients to pass over their sensitive information.
It is worth noting that phishing emails don’t only come in the form of emails anymore, some phishing emails are sent via text. However, their intentions are the same, to gain sensitive information from the recipient.
Why are Phishing Emails Dangerous?
Phishing emails are one of the most dangerous scams on the internet, nearly 65% of organisations have experienced a phishing attack in the past year. As these emails pose such a serious risk, over 20% of organisations see phishing as their greatest security threat. What makes phishing emails so dangerous is that they go undetected by regular antivirus software.
Whereas most traditional virus software needs to be downloaded and installed onto a computer to be significant, phishing emails don’t need to infect the computer to be powerful. As these emails seem to be sent from trustworthy sources, recipients willingly give up their information through the links in the email.
How to Detect Phishing Emails
Some phishing emails are very easy to detect. So easy that you may think ‘How does anyone fall for these?’ if you get one, however, many phishing emails are getting more sophisticated.
The easiest way to detect phishing emails is to train your staff on what to look for in email to prevent any attacks. Some aspects of phishing emails we suggest training your staff to look out for include:
- Check who the email address was sent from
If the email is sent from a public email domain such as ‘@gmail.com’ it is likely the email was not sent from the organisation it is posing to be from. Not even Google uses Gmail as an email server.
Sometimes the email will be sent from a malicious email address but they have changed their name to a legitimate email address. This is done to trick the recipient into thinking the email is legit. Make sure you check not just the sender’s display name but also the actual email address it has been sent from.
- Are you the only recipient?
Phishing emails are used to try and scan as many people as possible at once, to capitalise on this they send the email to multiple recipients. You can often find out if you are the only recipient by looking at the ‘To:’ section of the email. If it is blank, then multiple recipients have been included in the ‘bcc:’ part of the email.
- Is the domain spelt correctly?
One of the common aspects to look out for in phishing emails is when links are replaced with similar-looking links. For example, replacing a ‘w’ with ‘vv?. Upon first glance the link may look the same, directing the recipient to a trustworthy source, but it doesn’t.
These links may not even be in the body of the email, the link URL in the copy may be written out to the real website and it is only when you hover over the link you see that the actual link directs you to another destination.
- Is the email written well?
It’s not uncommon for phishing emails to be written poorly, with grammatical errors and repeated text. It’s unlikely the criminals who write these emails care much about their readability, they just want to cause urgency and get recipients to click the links; whereas professional companies will have a series of proofs before they send an email and are far less likely to have any poor copy in their emails.
- Are there attachments?
Most organisations will ask you to download resources off their website, rather than attaching them to a link in an email. If you receive an email from a company with an attachment be very suspicious whether it is real or fake.
- Are there suspicious links?
Along the same lines as the above point, a legitimate organisation is likely to send you an email with links pointing to either their site or to trusted sites. If you have links in the email that are pointing to third party links, hesitate before you click on them.
- Is the email addressed to you?
Often phishing emails are addressed to multiple recipients and because of this often address the email to ‘Dear Customer’ or ‘Good morning user’, rather than using your name. It is likely that the company emailing you will have your name on your account and if it is a legitimate email, they will address the email to you.
- Urgency in the subject line
Urgency can come in two forms, one provokes panic and is there to scare the recipient into quickly actioning on the email ‘Your account will be suspended in 24 hours’, the other is there to excite the customer ‘FREE iPhones for the first 100 respondents’. Both of these tactics are used to get the recipient to click on the links in the email without properly reading the email.
Software That Detects Phishing Emails
As we move online and increasingly become reliant on the internet, securing our data has become paramount. We can help with IT security software so that you’ll be able to protect your computer systems, emails & networks from theft or damage.
Here at Sydney ICT, we can help you with a wide range of business email packages that include a firewall. You can relax knowing that your Office 365 accounts have a high level of security for your sensitive data.
We also offer IT Security services and an end-point security /solutions/end-point-security/solution. End-point security deploys anti-viruses to your devices to protect you from malicious files, including those downloaded from phishing emails.
Types of Phishing Email Scams
The aim of phishing emails and the precise mechanics of the scams vary greatly. In one email victims may be encouraged to click a link through to a fake webpage with the aim of capturing personal data. Cybercriminals create an average of around 1.4 million of these webpages every month, they are constantly being replaced every few hours in order to avoid detection.
In another phishing email, common practice is to encourage the recipient to download an attachment so that malicious spy software can be installed onto the device and personal data can be stolen that way.
Phishing Email Examples
If you are unsure whether what you have received is a phishing email or not, one quick discovery method is to search for similar emails. For example, if you have received something from your bank, conduct an image search on ‘Commonwealth Bank Phishing Emails’ and this will bring up other emails that have been reported as fakes.
Fake Paypal Emails
One of the most targeted companies for phishing emails is PayPal, this is because PayPal profiles are full of sensitive information, especially credit and debit card details.
Below are two examples of phishing emails sent from fake PayPal accounts. The first one is more obviously a phishing email but the second is harder to notice.
There are a couple of aspects of this email that are suspicious:
- The email is from the sender PayPal, we cannot see the email address, but it is likely from a suspicious email such as mail.paypall.com.
- The ‘To:’ header is missing from the email. When an email is missing the ‘To:’ header it can mean that the email was ‘bcc:’ sent to multiple recipients.
- The header image features a PayPal logo, however, this doesn’t look like a current logo.
- Most official PayPal emails will be addressed to the sender and use their name rather than the ‘Dear Customer’ generic term.
- The email body has grammatical errors with missing and additional capital letters.
- The link would likely take the recipient to a PayPal branded phishing page. If a recipient clicked on this link, they would be vulnerable to having their PayPal account hijacked and the data from the account stolen.
This email looks more sophisticated than the previous one, the header features the official PayPal logo and this email has only been sent to the recipient. However, there are still some hints that this email is not from PayPal.
- Two of the more suspicious aspects of this email are who it has been sent from, the contact name is ‘Team Support’ and the email domain is ‘@account.com’.
- ‘Account Verification!’ in the subject line isn’t the most professional copy and hints towards urgency.
- The urgency in the email body is trying to provoke anxiety so that the recipient doesn’t read the rest of the email properly and notice the hints the email is unofficial.
- Similarly to the previous email, this too has been addressed to a generic recipient with ‘PayPal Customer’ rather than a specified name.
- This email has a very similar message to the one above, aiming to get the recipient to click the link and visit a PayPal branded phishing page.
Remember to always hover your mouse over any buttons or links in the email to make sure the destination address is actually where they appear to be pointing towards.
Always be more suspicious of PayPal emails as these are popular phishing emails, if you are apprehensive about clicking links on an email, close the email and open PayPal in another tab and sign in to your account separately, if there are any issues with your account you can address them this way.
PayPal requests that if you receive a fake email posing to be from them, forward it to firstname.lastname@example.org and we’ll investigate it for you. After you send us the email, delete it from your inbox. If you clicked on any links in the email you think may be suspicious, log into your account and monitor your transactions. It may also be a good idea to change your password.
Netflix Scam Emails
Netflix has tried to make it as easy as possible to spot a fake email by promising to never do the following things:
- They will never ask you to enter your personal information in a text or email, including:
- Credit or debit card numbers
- Bank account details
- Netflix passwords
- They will never request payments through a 3rd party website.
However, even knowing these points, it can still be easy to fall victim to a phishing email.
Upon first glance this email looks like it may be from Netflix, with their branding and also their wording, with the sign off ‘Your friends at Netflix’. These are the typical messaging you will get from a fake Netflix email, suggesting that your account has been suspended or your payment has been declined and you need to update your payment method.
- The sender’s name may be ‘Netflix’ however when you look at the address the email has actually been sent from it is not a real customer support email address.
- ‘Hi,’ is not the most personalised email greeting. Netflix will know your first name from your account details and will likely use this to greet you in an email.
- This email has taken a punt that the recipient pays their Netflix bill with an Amex card if the recipient doesn’t this is a clear indication that this email is fake.
- Within the body of the email, they have mentioned the Help Centre and to contact them for more information, although they haven’t included any links to the help centre or any contact details.
Netflix requests that if you receive a fake email posing to be from them, forward the email to email@example.com. If your email is rejected when you try to forward it, don’t worry, this just means they have already been sent this particular phishing email and are already investigating. After you have forwarded the email, delete it from your inbox.
If you clicked on any links in the email you think may be suspicious, log into your Netflix account and change your password. It may be a good idea to also change your password on any other sites with the same one, changing them to strong, unique passwords. If you filled in any payment details, contact your bank and monitor your transactions.
Fake Apple Emails
Arguably one of the hardest to detect fake emails are Apple emails, there are a wide variety of different types of fake Apple emails out there.
One of the types of fake Apple emails out there is used to scare the recipient into filling in their log in and payment details after fearing they have signed up to an expensive subscription service.
Another common Apple phishing email asks the recipient to sign into their account after their Apple ID has been locked out or suspended. Normally there is a time limit on when the recipient has to sign into their account, to create panic and urgency.
Keep in mind that Apple promises to never send you an email or SMS asking for your:
- National Insurance Number
- Mother’s maiden name
- Full credit card number
- Credit card CVV code
Apple requests that if you receive a suspicious email, forward it to firstname.lastname@example.org. They ask that you forward the message as an attachment to provide them with as much information as possible. Then, delete the email and do not click the links.
How to Report Phishing Emails
If you have received a phishing email, reporting it is easy. By reporting your phishing email can help fight the scammers. And, the more information you provide, there’s a better chance the scammers will get caught.
To report your phishing email or any other cybersecurity incident, go to ReportCyber or call 1300 292 371 (1300 CYBER1). Typically the company the email is posing to be from will want to see a copy of the email so they can investigate. You can also report scams to the Australian Competition and Consumer Commission’s Scamwatch to help protect your friends, family and workmates.
If you’d like to discuss an anti-phishing solution for your business, please contact us. Whether it is setting up a firewall, end-point security or simply comprehensive training for your staff, we’re here to help.