A ‘phishing’ email is one that attempts to trick or confuse a reader into replying and revealing sensitive and/or personal information, which can then be used to commit fraud or identity theft.
Here are 5 easy to recognise signs that an email is attempting to phish information from you –
- Deceptive subject lines
- Spoofed email headers
- Professional-looking content
- Disguised hyperlinks
- Fake email forms
And in more detail –
DECEPTIVE SUBJECT LINES
Phishing emails tend to arrive with subject lines that are designed to either pique your interest, or provoke you into action without thinking, for example, ‘Your email address has been selected in our lottery draw’ or ‘Please verify your account within 48 hours to avoid account suspension.’
You may also spot numerals or other gibberish in the subject line – this is a ploy to avoid spam filters.
Another common method of trying to sneak an email into your inbox is by misspelling words in a way that you are unlikely to notice if you are someone who quickly scans their emails.
SPOOFED EMAIL HEADERS
Contrary to what you may realise, it is actually very, very simple to make an email appear to have originated from anywhere a potential fraudster would like you to think it has come from. Good examples are the phishing emails that purport to come from banks – the email will appear to be from firstname.lastname@example.org
Of course, this is spoofed, and is designed to trick the unwary into thinking that the email is from a genuine company, thereby increasing the fraudster’s chances of trickery and deception.
If you right click an email, select ‘properties’ then view it’s source this can often reveal the true origin of any electronic mail you receive.
However, be aware that the wiliest of fraudsters can do a good job of hiding even this tell-tale sign.
A clever fraudster covers as many bases as he can.
Wherever possible, a fraudster will send out emails that look completely genuine.
This will mean that official company images, logos, trademarks, etc will be utilised in their phishing emails.
It goes without saying though that links to anywhere where you have to give up passwords, account numbers, etc will be false, thereby giving the crook access to your funds, accounts and/or personal information.
Many phishing emails employ the technique of disguised hyperlinks.
This tactic is generally employed in one of two ways –
HTML is used in the email which allows an internet address to be typed which is completely bogus as it is linked to an altogether different website, the fraudster’s site.
In a text based email, their may be a written hyperlink that looks like email@example.com.
For those of you who don’t already know, your browser would be directed to the site after the ‘@’ – in other words, the fraudster’s site.
Either way, the email will look like it is redirecting the reader to the genuine site to which it pertains.
The best defence is to read hyperlinks carefully or run the mouse over them – this will show if the web page they are pointing to is the same one the text leads you to believe it is.
FAKE EMAIL FORMS
I’m sure you’ve visited plenty of web sites that have email forms set up in case you wish to contact them about their products or services, but have you ever seen such a form set up within an email?
Contained within an email that has been designed and worded in a way to encourage the recipient to reply, the email form actually runs on a fraudster’s script, designed to forward all the information you enter into it.
This could either be directly, or it could store your data in a database for later retrieval.
Such deviousness is not all that common, however, it is certainly one ruse to be wise to – clicking ‘submit’ could be very dangerous indeed!
Many of these email forms within emails are designed by clever, computer literate fraudsters.
It can be amusing to see how their poorly spelling sidekicks butcher them at times though!