How to Identify Spam, Spoof and Phishing E-mails

27 February 2018
Barbara

As detailed by Symantec in their 2017 threat report, 1 in 131 e-mails contained malware, the highest rate in five years. With the security threat on the rise we collated some of the best tips to remember when a suspicious looking e-mail finds its way into your inbox.

Malware Infected E-mail

Don’t Trust the Display name, Check the E-mail Address

The most common phishing technique amongst cybercriminals is to spoof the display name. A cybersecurity company analysed more than 56 million e-mails from 91,500 corporate mailboxes and identified that out of the more than 537,000 phishing threats they found 91% (490,557) contained characteristics of display name spoofs. Spoofing a display name is where cybercriminals impersonate an individual familiar to a business in order to mislead them into thinking that the message was sent from a trusted source. This tactic can be extremely effective within teams that are bombarded with incoming communications all day, every day. Direct spoofs were the second most popular attack type (8%).

Below are examples of a spoofed display name:

Spam E-mail Display name
Spam E-mail E-mail Address

At first glance, when the fraudulent e-mail is delivered, it appears legitimate as most inboxes only show the display name. Check the e-mail address in the header of the e-mail, if it looks suspicious, delete it.


Examine the Salutation

If a cybercriminal obtains your first and/or last name, they will leverage this. However, it is common for them to address you with a generic greeting such as “valued customer”. Legitimate businesses will always address you using your first and/or last name.

Dear Valued Customer Spam E-mail

Check for Spelling and Grammatical Errors

All professional businesses take branding seriously. Legitimate e-mails rarely contain major spelling or grammatical mistakes, this is generally a strong indicator that the e-mail is malicious.

E-mail with Spelling and Grammatical Errors

Spam Words and Phrases

E-mails with poor spelling and grammar are often accompanied by common spam words, such as FREE, GIVEAWAY and SALE. You’re a Winner! Is another popular phrase used to urge users to open a phishing e-mail and click on a link, ironically it tends to be for a competition you’ve never even entered.

Spam E-mail with Spam Words and Phrases

Be wary of Urgent and Threatening Language in the Subject line and body of the E-mail

Creating a sense of urgency and invoking fear is a popular phishing technique. If you receive an e-mail telling you that you must act now, be cautious. One of the most common tactics by cybercriminals is offering discounts that are only available to a select amount of individuals or for a certain amount of time. This creates a sense of urgency and often makes the recipient feel as though they must act straight away in order to claim what is on offer.

Below is a chart representing common subject lines used in BEC (Business E-mail Compromise) scams. “Request” was the most popular keyword utilised in subject lines for BEC scam emails, followed by “Payment” at 15% and “Urgent” at 10%.

BEC Scams Common Subject Lines pie Chart

Data source: Symantec Government Report


Requesting Personal Information

In addition, beware of e-mails that claim your account has been suspended or had an unauthorised login attempt as another common technique that cybercriminals use is telling you that your account has been compromised. Generally you will receive an e-mail detailing that your account has been hacked or your password has been stolen. They will then suggest that you change your password and provide you with a link to do so. However, once you click the link you generally have to enter your current password before entering a new one. This then means that the cybercriminal now has your current password and can use it to access your account. Legitimate businesses, such as Lloyds bank, always stress that they will never request for your personal information via e-mail. The best action to take after receiving an e-mail requesting for your personal details is to delete it.

Spam E-mail Requesting Personal Information

Don’t Click on Attachments

Malware can damage files on your PC, spy on you without your knowledge and steal your sensitive data, such as passwords. It is common practice for cybercriminals to distribute malware through e-mail with 66% of malware delivered via email attachments. The best approach is to not open e-mail attachments you were not expecting.

Spam E-mail with Attachment

Look but don’t Click

If you receive an e-mail you are unsure of, refrain from clicking on any of the hyperlinks, hover over them to see where they redirect to. If it is a phishing e-mail, you will notice that the link may say it is from servicelloyds@lloydsbank.com but the actual link points somewhere else. Hovering over links provides you with the ability to see where they redirect to. However, cybercriminals have started using shortened web addresses so if you are curious and want to test the link, open a web browser and type the web address directly into the address bar or search for the page using your preferred search engine rather than clicking on any links in the suspicious e-mail.

Spam E-mail with Spoofed Link

Review the Signature

It is highly unlikely you will receive an email from a professional business that does not contain an email signature, including details of the individual and the company. You should always be cautious of e-mails that lack any further contact details of the sender.

Spam E-mail with Signature

What we can do to help

Tiedata has a number of security solutions that can provide you with the means to protect your business from the daily threat of spam, spoof and phishing emails. If you would like to learn more and discuss what is available to your business, please contact us on 01773 513 513.