Catching the Big Phish

Phishing is something that everyone deals with today. According to the 2023 Internet Crime Report, phishing is the number one crime reported. Even with the modern protections against phishing, it is important for users to know how to spot these attempts. 

Below are our main pointers for identifying a potential phish:

Beware the sense of urgency 

It’s important to understand the common phishing tactics. The main goal of a phishing email is to trick victims into clicking a link or giving information and the main tactic of a common phishing email is using a sense of urgency. For example, an email may claim you missed a payment, and your account will be terminated if you don’t pay within the next 24 hours. This is a major red flag and is most likely a phishing threat.   

Look for grammatical mistakes 

Most phishing emails will include small grammar mistakes or spelling errors. Legitimate email messages from companies are written by professionals, so detecting errors is a good flag that the email could be malicious. You should also look for strange sounding phrases that might have been run through a translator. 

Requests for personal information 

Most scam emails are designed to look real, but legitimate companies will never ask for you to send personal information over email. If an email ever asks for any sensitive information, this is most likely a phishing attempt. If you believe the email could be real, contact the company directly to confirm its legitimacy. 

Look at the sender 

An email may seem like it comes from a reputable company, but a closer look may reveal some inconsistencies. If an address contains a long string of letters or numbers, it’s likely a malicious email. Also check the end of the address for foreign domains like “.ru” or “.in” which means the email was send from Russia or India, respectively.   

Double check hyperlinks 

Most phishing emails will contain a suspicious link, which is a giveaway that the email is illegitimate. One way to check if the link is malicious is to hover your cursor over the link. This will reveal the real link and if both links do not match, the email is most likely malicious. You can also check for spelling errors in the link.   

Suspicious attachments 

A malicious email might contain an attachment. Pause before you open any attachment, because they could be malicious files that download a virus to your device. Always double check the email to ensure its legitimacy before opening attachments. 

Report phishing emails 

If you believe you have received a phishing email, send a report to your system administrator. At Eberly Systems, we utilize Catch Phish - a software that enables users to easily report phishing emails for further analysis. 

Stay vigilant. Stay safe! Choose Eberly Systems to help you be the best line of defense against cybercrime.