How to spot a fake email. When it comes to the cybersecurity of your company, you cannot be too careful in this day and age. There are automated bots that are trying to get into your system 24 hours a day, 365 days a year. The weakest link in any cybersecurity system is the human that is interacting with the system. Email is one of the most popular ways hackers can get into your system. This brief article gives you some quick tips, some things to look out for, so you don’t get scammed and don’t get hacked!
What to look for in a fake email
There are seven areas that we suggest you get in the habit of checking when it comes to emails. Those areas are:
Who the email is from
Who the email is to
Date and time
The content of the email
How to spot a fake email: Who the email is from
Before you open an email, get in the habit of checking the sender’s email address. Is it someone in your organization? A vendor you regularly contact? Or have never heard from this person before? Is it out of the ordinary, or unexpected to get an email from this person?
If any of these statements are true, either delete right away, or check with a colleague to see if perhaps the sender is known to them.
How to spot a fake email: Who the email is to
Give a quick check of who the email was sent to. Was it sent to you directly, or were you cc’d on this email? Are the people it was sent to familiar to you and part of your organization, or are they strangers to you?
Is there a discernible pattern in the people it was sent to? For example, was the email was sent to an unusual mix of people in my organization. Or perhaps you notice that all of the last names begin with the same letter?
How to spot a fake email: Hyperlinks
Another cybersecurity tip on how to spot a fake emails is to check hyperlinks. If there are hyperlinks in the text, what happens if I hover my mouse over the hyperlink without clicking? Does the address that appears to a different website than the hyperlink? This is something of which to be very wary.
Does the hyperlink contain misspellings of a website. For example, Deldaairnlines.com. In this example, two words ”Delta” and “airlines” were both misspelled. This is a huge red flag to be avoided. Do not click on any links such as this.
Is the content of the email just one long hyperlink and nothing else in the body of the text? Do not click on this link and delete this email.
How to spot a fake email: Date
Was this email delivered at an unusual time outside normal business hours, like exactly 3:00 a.m.?
How to spot a fake email: Subject
Do a quick check of the subject line of the email and ask your self some questions:
Does the subject make sense?
Does the subject match the content of the message?
Is the subject sound like a reply to a request I never made? If so, do not open the email and delete immediately.
How to spot a fake email: Attachments
If there are attachments to the email, give a quick scan and check the following:
Does the attachment have a strange mix of symbols, numbers and letters?
Is this attachment something that I did not request, and don’t recognize?
Does the attachment not match the body of the message?
If any of these conditions exist, do not open the attachment.
How to spot a fake email: Content
Read the content of the message with a critical eye.
Is there a sense of threat in the message, as if something bad would happen if you didn’t respond.
Are there spelling errors? Incorrect grammar? Unusual ways of phrasing, like a native speaker of your language would not write?
Is the email referencing an embarrassing picture of you or someone you know?
Does it sound too good to be true?
If the content falls into one of these categories, do not open that email!
The Bottom Line
These are all good tips, and perhaps many of them you hadn’t thought of before. I would suggest not trying to memorize all of them, just let this article help to raise your awareness that there are going to be times when you will get an untrustworthy email. The bottom line: trust your instincts.
Does the email feel strange? Delete!
Do you not remember asking for this email, or don’t know the sender? Delete!
Does it come from outside your organization? Delete!
Does the attachment look off, irregular or just not right? Delete!
It is always better safe than sorry when it comes to cybersecurity! Be safe out there!
If cybersecurity is a concern of yours, check out our blog about malware: what it is, and how to protect yourself from it hurting your company.