by Rick Kuwahara COO of Paubox
Article filed in

Recognizing and Blocking a Malicious Email

by Rick Kuwahara COO of Paubox

Malicious download from email

Differentiating between an innocent and malicious email is essential to keep your organization safe, particularly with the proliferation of smart devices and an increased reliance on email for communication.

This is especially crucial in the highly targeted healthcare industry with the overabundance of sensitive information that can be stolen or ransomed.

Here are 5 questions everyone should ask themselves if they are suspicious of an email.

Is the sender’s email address or domain accurate?

First, confirm who the sender is—even if it appears to be someone you know.

Double check the sender’s full name, complete email address, and domain. Inspect the information carefully as sometimes a name is off only by a letter or two.

Do not just trust a display name.

Display name spoofs are used in 91% of phishing attacks, so be sure you can see the entire email address before you trust the sender is real.

Is the salutation too formal or too generic?

Think about who sent the message (e.g., a friend, an employer, or your bank) and how you are normally addressed or how you should be addressed.

Is it too formal? Too generic? Too familiar?

If normal correspondence is personalized and this one isn’t, be wary of its authenticity.

Does the email contain poor spelling or grammar?

A poorly written email is not fishy on its own.

But numerous spelling mistakes along with any of the above should be considered highly suspicious.

This is becoming less and less common, but can often be found in the details of an email.

Does the email include an unnecessary or irregular link or attachment?

A link or attachment is common in a malicious email, which is why it is always necessary to pause before clicking.

Hover over a link and check its URL. Is it shortened, awkward, or only available through a download?

Look at the attachment extension. Is it uncommon? Unknown?

Macros are especially dangerous and email filters should be used to quarantine any attachments with macros.

Finally, is the email itself too bizarre or too unbelievable?

If the content is wild, odd, or creates an unnecessary sense of urgency, it is probably too good (or too strange) to be true.

For example, a company won’t send an unsolicited email asking for verification of personal information or credit/debit card numbers. It won’t want to give you money through a link.

Conclusion

Now that you can recognize a malicious email, keep confident by combining this knowledge with a strong security system and caution.

As cyber security methods grow more effective, hacking methods become more sophisticated: spelling is double checked, erroneous addresses are hidden easier, and signatures are stolen or mimicked with more accuracy.

A prime example is in the use of spoofing, where a hacker successfully steals another’s identity, normally that of a top executive, to encourage the receiver to ignore their training.

This is why awareness training must be combined with a solid security system.

Advanced features like Paubox’s patent-pending ExecProtect, conceived to combat spoofing attacks, do much to encourage users to stay safe, informed, and vigilant.

Copy link
Powered by Social Snap