At the beginning of the article, quote Abraham Lincoln’s famous quote: “You can fool everyone at certain times and deceive some people for life. However, you cannot deceive everyone at all times. ”
A famous quote from Lincoln about people, but it is also very true about cyber fraud organizations. They may deceive you with fake emails, but at times, someone will discover them. And today, we will share together ways to identify phishing email tricks.
The content of a phishing email
What is a phishing email?
This is a trick that hackers use emails designed to look like accounts of people you know, organizations, agencies, or governments to trick you into providing personal information. Or trick you into clicking on a certain link or file to get personal information, spreading malicious code to get confidential information from the agency’s computer system.
Regardless of the precaution, identifying and detecting phishing emails is difficult. However, based on many reports and documents collected. We will identify points that help you identify phishing emails more easily.
1. Legal companies will not send you emails asking you for sensitive information
If you receive an unexpected email from an organization that asks you to open the link or download the attachment and ask you to provide sensitive information, even though you and they didn’t have any previous links No wonder, 99% sure it’s a phishing email.
Mostly, information about passwords, credit cards, tax codes … organizations will never ask you to open the link and enter the login information. Because they understand the dangers of fraudulent organizations. They will never send you any links asking you to sign in.
2. Legal companies will greet you by your first name, not by a generic one
For information of a confidential nature. Legal companies often send emails to specific individuals, they will certainly call you by your name, and there may be instructions for you to contact over the phone to ensure safety.
As for phishing emails, they hit all the objects and send emails to many people, so they will not be able to say hello with a specific name. Phishing emails often have general greetings like dear customers, account holders …
However, some mischievous hackers can deceive users with promotional emails with attractive promotions. Luring users to click on the link and provide the information they want. So how can we find out in this case?
3. Legal companies have clear email domains
Legitimate companies will often register a separate domain name for company email. For example vnetwork will use: @ vnetwork.vn for corporate email. Scammers when sending emails often change the domain name so that they can be seen through the eyes of the recipient.
For example, email@example.com, fraudsters will use firstname.lastname@example.org or email@example.com. When you just glance at the name (tuyendung) without paying attention to the characters after @, you hit the trap.
However, there are some exceptions, when legal companies often use sub-domains with different domain names, to serve services such as support, customer care, etc. Identifying fake emails by looking at the domain name in the sender’s email address is not the best way to avoid fraudulent emails.
4. Legal companies always use meaningful sentences when sending emails
This is the easiest point to spot a phishing email. Real companies often take care of the syntax and give meaningful information.
5. Legal companies do not force you to visit their websites
Emails with links and forcing you to click on the link to provide information, then it is certainly phishing emails. You should not click on any links.
However, as hackers became more and more mischievous, they created a hidden links throughout the mail locations. Even if you do not click on the link but accidentally click on any location on the email will be trapped because the right-click link is malicious. Therefore, check carefully to minimize the risk of attack. It is best not to open an email when you are skeptical.
6. Legal companies do not send attachments
Legitimate companies will usually not send attachments to emails but rather ask you to go to the official website to find and download the files.
So, for emails with files that force you to download, you should be careful, especially files with the format: .zip, .exe, .scr. It is best to contact the legal company that you suspect they are being a fake hacker organization to trick you into providing information.
7. Legal company links must match the legal URL
Proof of the link included in the email with the URL of the service company you used to check if it was a Phishing Email?
For phishing emails, the URL is often different from the link or the unrelated URL https://
RECEIVE GUARD - prevent email attacks
Phishing emails with many different purposes, can be stolen bank account information, can be tricked to steal sensitive information, can also trigger remote control malicious code, attack an Enterprise network system. The damage from phishing email attacks is not trivial for specific individuals and businesses. Therefore, being cautious before the email is sent, is always a worry for everyone.
In order to thoroughly tackle the attacks from fake email, businesses today are increasingly applying the intelligent email filtering technology with RECEIVE GUARD’s Artificial Intelligence - an advanced email security solution that is proven. received from Gartner and Rapid7.
If you need further assistance with other security solutions such as Website Anti DDoS, Web Acceleration, or Data Center services,… please leave a message, our experts will assist you.