In this guest blog, SuretyIT Technology Director Geoff Stewart shares some Cybersecurity tips with his "5 Tips on how to spot a malicious email".
Email spam filtering is much better than it used to be. For example with the anti-spam service I use I get maybe one spam email a week. But no system is perfect and every now and then a malicious email will manage to slip into your inbox, so it’s critically important that you can recognise a malicious email when you see it as it can do serious damage.
We’ve seen over the last few weeks a dramatic increase in the amount of emails that are being received which contain malicious links. If these links are clicked, they will download and install Crypto malware on to computers.
So I’ve put together some tips for you to look at and maybe distribute to your staff to help them identify a malicious email –
1 Use the Outlook Reading pane to examine suspicious emails
I don’t have this set on all of the time but find it very useful when I receive an email that I’m just not quite sure about. It’s easy to switch on and off. If you’re using Outlook 2010 or 2013 to switch it on – Click on the View tab and then the Reading Pane button. From the reading pane you can read the content without opening it.
2 Examine the email address
There are 2 important components of the email address that you see in Outlook. One is the display name (the user friendly name) and the other is the actual email address. The display name may tell you that it is from a specific person or business but you can get confirmation by using the reading pane and looking at the email address beside the friendly name. If it doesn’t match then it’s likely to be malicious. Sometimes though it can match and it’s then very important to follow the other tips.
3 If the email contains a link
If the email is asking you to click on a link the easiest thing to do is hover your mouse over the link without clicking on it. If the link is not taking you to the website that email is supposedly from, it’s most likely malicious.
4 Look at the language in the mail
If the email starts “Dear customer” chances are its malicious. Other language in the email is also a give-away to it being malicious. I’ve received emails where it appears to be legitimate but the language being used isn’t quite right. Remember any reputable business is not going to ask you to confirm your personal details by sending you an email.
5 It has an attachment
Sometimes there isn’t a link but an attachment instead. It could be a zip file or other file format. If you are not expecting it, don’t open it. I received an email for my rates containing what appeared to be an invoice attachment, telling me I was overdue. My immediate reaction was horror as I thought I hadn’t paid it but I took a breath and starting looking at the email and realised that it was a well-crafted malicious email.
If in doubt – call your IT support or delete it.
About the author - Geoff Stewart is a highly experienced and skilled Technology Director at Surety IT. His knowledge is based on years of industry experience having created customised, stable, well performing systems both for multi-national companies in the UK and Australia and Surety IT customers. To contact Geoff you can email him here.