How to Spot a Malicious Email

It’s important to ensure that staff who regularly use email at work are armed with the knowledge to recognise suspicious emails that may contain viruses. Review the tips below to spot an attack email that could leave your company vulnerable to security risks.

Do you know/trust the sender?

Check that the email you are receiving is from a trusted source. Take a close look at the “From” address, as attackers can create addresses that are similar to those of your friends and co-workers. These “spoof” emails will have incorrect spellings or numbers instead of letters, and look like the addresses of people you are familiar with.

Look at the email subject line

Not all emails from attackers are noticeable right away, as they can often include valid information to trick you into believing the email is real. Review the subject line for misspellings and content that doesn’t pertain to your business.

Review the spelling and content of the mail

Again, look at the actual content of the email as attack emails often contain misspellings and poor grammar.

Is this mail relevant to your job functions?

Make sure that the content or subject line relates to your duties within your job.

Does a mail refer to an action you did not take?

To get personal information such as passwords or bank details, attack emails will often ask you to enter details based on an action you’ve supposedly taken, for example by telling you to enter details because you’ve requested a password reset. If you haven’t requested any information or password resets, don’t respond.

Don’t download unknown attachments

Attackers will often include a malicious file as an attachment to a phishing mail. DO NOT open or interact with any attachments in strange or suspicious emails.

Verify that:
– the sender is legitimate,
– the content of the mail includes a legitimate mail history,
– the attached file is one you have requested,
– the attachment is in the correct format (e.g. is this report an xls instead of the usual PDF?)

Review links and hyperlinks

Attackers will try to include links to malicious content or websites. DO NOT click on any links that you do not trust or are not familiar with.

Attackers may use URL hyperlinks in the body of an email (e.g. “Click Here”).
– Typically, hovering over these hyperlinks will disclose the real destination of the link.
– You can also right-click the link, copy it, and paste it into a word processor to review it.
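
The hover check described above can also be run against the raw HTML of a message. The following is an added example, not part of the original article: it lists each hyperlink's visible text beside the host it really points to. The class and function names and the sample message are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse
import re

# Constructed sample email body (example.com / example.net are placeholder domains).
SAMPLE = (
    '<p>Password reset: <a href="http://login.example.net/reset">Click Here</a> or '
    '<a href="https://portal.example.net/x">https://intranet.example.com/hr</a> or '
    '<a href="https://intranet.example.com/hr">intranet.example.com/hr</a></p>'
)

class LinkCollector(HTMLParser):
    """Collects (visible text, href) for every <a> element in the body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:      # only keep text that sits inside a link
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

def host_of(value):
    """Lowercase hostname of a URL or of a bare 'domain/path' string."""
    value = value.strip()
    if not re.match(r"^[a-z][a-z0-9+.-]*://", value, re.I):
        value = "//" + value            # lets urlparse treat it as a network location
    return (urlparse(value).hostname or "").lower()

def review_links(html_body):
    """Return (visible text, real host, verdict) for each link in the body."""
    parser = LinkCollector()
    parser.feed(html_body)
    report = []
    for text, href in parser.links:
        real = host_of(href)
        # Only text that itself looks like an address can be compared with the href.
        shown = host_of(text) if "." in text and " " not in text else ""
        verdict = "hidden" if not shown else "match" if shown == real else "mismatch"
        report.append((text, real, verdict))
    return report
```

A "hidden" verdict means the text (such as “Click Here”) says nothing about the destination, so the real host must be judged on its own; "mismatch" means the text displays one address while the link goes to another.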