Learn to Phish – 10 Minutes
These are the most common indicators that you might be looking at a phishing or scam email. Even an email from someone you know may be a phishing email if they fell for it first. Below are some Phishing email examples.
- S.A.L.U.T.E. Your Emails
- Sender – Check who sent the email, the name and email address. A single letter off could be the difference between a real and phishing email. See some examples here.
- Attachment – Some attachments like PDF’s and Word(.doc) documents can run code when opened so you should only open attachments from trusted sources. See some examples here.
- Links – When on a desktop computer hover your mouse over a link before clicking. Which one of these links is legitimate? Google, Google, or Google?
- Urgency – Using urgency can be an indicator of a scam or malicious email too. That unexpected, urgent invoice or shipping notification may not be real. See some examples here.
- Too Good to be True – A free iPad or 90% discount is probably not real, check to be sure it is not a scam. See some examples here.
- Errors – Multiple misspellings or grammatical errors could indicate a scam or phishing email. Test your skills using the Phishing IQ Test.
- Use a Secure Email Provider
- Gmail – Free(as in money) and easy to use with great warnings about phishing emails. Unfortunately Google does your information and emails to target you with ads so you do pay one way or another.
- ProtonMail – Free plan or $4/month for additional security features. Good email for the privacy minded, but lacks the phishing protection seen with Gmail.
- Yahoo – Yahoo, although popular, cannot be recommended after all 3 billion accounts were hacked.
- When in Doubt, Check it Out
- Important Note: documents or links with potentially sensitive information(i.e. banking, personal, or health information) should not be checked with these public tools.
- VirusTotal – Analyze suspicious files and URLs to detect types of malware, automatically share them with the security community.
- Hybrid Analysis – Free malware analysis service for files.
- Google Safe Browsing – Check URL’s for malicious content.
- Find Additional Tools…
- Secure the Device