If you have landed on this page, you are probably unsure what a common indicator of a phishing attempt looks like and want to get better at recognizing malicious email content. Fortunately, there are common signs of phishing, and knowing the tactics and techniques cybercriminals use in their attacks will make it easier for you to identify phishing attempts and avoid being phished.
What is Phishing?
Before explaining what a common indicator of a phishing attempt is, it is useful to explain what phishing actually is. Phishing is a form of social engineering, and phishers are confidence tricksters who defraud or deceive people by persuading them to believe something that is not true, usually in order to get them to disclose sensitive personal or company information, execute malicious code, or install malware. Phishing is most associated with email, but it can also occur on the Internet via websites and social media networks, through instant messaging services and SMS, or even over the telephone.
What is a Common Indicator of a Phishing Attempt?
Phishing is a highly effective method of gaining access to sensitive information, and attacks on businesses have skyrocketed in recent years. During the pandemic, phishing attacks on businesses doubled and attacks have become much more sophisticated. While some phishing attacks are difficult to spot due to multiple levels of obfuscation and advanced social engineering techniques, there are several tell-tale signs of phishing. If you know what to look for, you should be able to identify most phishing attempts.
Urgency and Threats
One of the ways that phishers trick users into taking an action is by eliciting an emotional response, which is often fear. That could be fear of negative consequences if no action is taken or fear of missing out on a great opportunity. Other emotions may be triggered such as sympathy (seeking charitable donations), greed (an unclaimed inheritance), or even curiosity (information about a major news event). There is often an urgent need to take the requested action, and it is very common for a threat to be included should no action be taken, such as legal/police action, account closure, loss of service, or financial loss. The aim is to get people to act without stopping and thinking about the legitimacy of the request.
Lack of Information
Many phishing emails are light on detail and ask you to visit a website or open an attachment for more information. Emails may say “here is your requested information,” “collaboration request,” “see the attached invoice,” “Resume/CV as requested,” and little else. These scams are mostly conducted to distribute malware, and they work because they trick people into opening an attachment and enabling content, which allows macros to run malicious code.
Requests for Personal or Corporate Data
Many phishing scams seek sensitive information. The email may ask for it directly, to be sent in a reply, or it may direct the user to a website where they are prompted to enter personal information or login credentials to “verify their identity.” These websites are usually carefully crafted to look identical to the sites they spoof, but they sit on unofficial domains that have no relation to the spoofed company.
Grammatical Errors and Spelling Mistakes
Phishing emails often contain grammatical errors and spelling mistakes. This could be because English is not the first language of the scammer, but these errors are often deliberate: the aim is to get responses only from people who are likely to fall for the next part of the scam. Regardless of the reason, these errors are common and include incorrect word choices, poor formatting, bad grammar, and spelling mistakes, none of which would have a place in official communications.
Unusual Requests
Often the request in the email is unusual. At work, the message may use atypical language, involve an out-of-band request, ask for data to be sent via email, or otherwise violate company procedures. A request may be made for an urgent payment, and for that payment to be made using Amazon gift cards. The reason given for the change in procedure may be plausible, but any unusual request should be verified by phone.
Malicious Attachments
File attachments are often used for malware distribution. Executable files may be attached to emails (.exe, .scr, .js, .bat, for example), although most commonly malicious scripts are embedded in Office files. When opening the file, the user is prompted to “Enable Editing” and “Enable Content,” which allows the malicious scripts to run. Compressed files (.zip, .rar) may be attached to hide malicious executables from email security solutions, or the archive may be password-protected with the password given in the email for the same reason. Office documents, spreadsheets, and PDF files may include links that users are told they need to click; if those links were in the message body rather than inside the attachment, email security solutions would flag them as malicious.
Links to Websites
Phishing emails often contain links to malicious websites where malware is downloaded silently, or where users are tricked into downloading and opening a malicious file. URLs in the message body commonly link to websites hosting phishing forms that harvest sensitive information. A believable reason may be given for why the website must be visited, and the site may look legitimate, but the domain is not one used by the company being spoofed. Hovering the mouse pointer over a link in an email will show you the destination URL, but it is still necessary to check the address again after clicking, as redirects are often used.
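As an added illustration (not code from the original article), here is a small Python checker that applies two of the indicators above to a constructed sample message: a link whose visible URL disagrees with its real href or lies outside the spoofed company's own domains, and a risky or password-protected attachment. The domain names, attachment names and the `EXPECTED_DOMAINS` set are made up for the example.

```python
import re
from urllib.parse import urlparse

# Constructed sample message (not a real phishing email): the anchor text shows the
# spoofed bank's domain while the href points elsewhere, and the zip's password is in the body.
SAMPLE_HTML = (
    "<p>Your account will be closed in 24 hours. Verify now at "
    '<a href="http://example-bank.com.secure-login.invalid/verify">'
    "https://example-bank.com/verify</a>. The attached statement is protected; "
    "the password is 1234.</p>"
)
SAMPLE_ATTACHMENTS = ["Statement_4471.zip", "Invoice.pdf"]

# Domains the spoofed company actually uses (assumed for this sample).
EXPECTED_DOMAINS = {"example-bank.com"}
# Extensions the article lists as common malware carriers, plus macro-enabled Office types.
RISKY_EXTENSIONS = {".exe", ".scr", ".js", ".bat", ".zip", ".rar", ".docm", ".xlsm"}
ANCHOR_RE = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)


def registrable(host: str) -> str:
    """Reduce a hostname to its last two labels (a simplification of public-suffix rules)."""
    labels = host.lower().strip(".").split(".")
    return ".".join(labels[-2:])


def link_findings(html: str) -> list:
    """Flag anchors whose displayed URL disagrees with the href, or that leave the expected domains."""
    findings = []
    for href, text in ANCHOR_RE.findall(html):
        real_host = urlparse(href).hostname or ""
        shown = re.search(r"https?://([^/\s<]+)", text)  # link text that looks like a URL
        if shown and registrable(shown.group(1)) != registrable(real_host):
            findings.append(f"displayed {shown.group(1)} but href resolves to {real_host}")
        if registrable(real_host) not in EXPECTED_DOMAINS:
            findings.append(f"link to domain outside the expected set: {real_host}")
    return findings


def attachment_findings(names: list, body: str) -> list:
    """Flag risky attachment types and the 'password is in the email' archive trick."""
    findings = [f"risky attachment type: {n}" for n in names
                if "." in n and "." + n.rsplit(".", 1)[1].lower() in RISKY_EXTENSIONS]
    has_archive = any(n.lower().endswith((".zip", ".rar", ".7z")) for n in names)
    if has_archive and re.search(r"password\s+(is|:)", body, re.I):
        findings.append("archive attached with its password supplied in the message body")
    return findings


if __name__ == "__main__":
    for f in link_findings(SAMPLE_HTML) + attachment_findings(SAMPLE_ATTACHMENTS, SAMPLE_HTML):
        print("INDICATOR:", f)
```

Running the sample reports four indicators: the mismatched link, the unrelated destination domain, the .zip attachment, and the password supplied in the body.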
Businesses Need to Train Employees to Recognize the Common Indicators of Phishing Attempts
If you run a business and your employees need to use email, you should train your workforce on the common indicators of phishing attempts so they know what to look for. Ultimately it is your business that will suffer if an employee falls for a phishing email and installs malware or discloses sensitive company information.
That means providing security awareness training and keeping security fresh in the mind of all employees by making training an ongoing process. Phishers are constantly working on new ways to fool people, and training needs to be regularly provided to teach employees about new phishing methods and other cyber threats.
Fortunately, providing training is easy with TitanHQ. TitanHQ provides a comprehensive security awareness training solution called SafeTitan that makes it easy for employers to train their workforce on the common indicators of a phishing attempt and to make employees more aware of security in general. The platform includes an extensive range of training content, which is gamified, interactive, fun, and enjoyable. The training is delivered in small chunks to make it easy to assimilate, there are quizzes to test learning, and there is a platform for conducting phishing simulations to see how your employees respond to realistic (but fake) phishing attempts.
SafeTitan security awareness training is incredibly easy to set up and use, and you could even complete annual security training in a single day if you so wish. SafeTitan does not take a one-size-fits-all approach: it allows each business to develop a training course to meet its own needs and train employees to recognize the specific threats they face.
Why not book a free demonstration of the solution or take advantage of the free trial to see for yourself how easy SafeTitan is to use, and take the first step toward creating a human firewall that will repel phishing attacks?