Identifying malicious email

[22/06/2020 > updated with best cybersecurity practices]

 

Best practice approach to cybersecurity

Since any defence mechanism is only as strong as its weakest link (typically the human involved), we recommend everyone to follow the below principles:

  1. DO NOT click on links or download attachments from people:
    – you DO NOT know
    and/or
    – you are NOT currently working with;
  2. DO NOT click on links or download attachments from people you DO know, unless you are expecting a document or link from them. If in doubt call or email them to confirm they sent that email, as their accounts might have been compromised.

The above in addition the regular cyber security awareness training and testing, will go a long way in protecting your network and data.

So how do you properly identify malicious email, e.g. phishing attacks?

The easy way…

…read the email carefully, there are a couple of easily visible giveaways e.g. the sender address (A) and at the bottom the Russian email address (B). Another telltale sign of maliciously crafted emails becomes visible once you hover (i.e. without clicking) above an link, as a flyout will appear and show you the referenced URL © which is clearly not an official link in this case.

 

The slightly more involved way – if you are using Apple Mail…

… in Apple Mail, go to View > Message > View all Headers, which will show more details about where the email came from. Depending on your mail server / hosting setup this will show more or less detail, however the important part here is that there will be addresses and more information (D) that clearly makes this an illegitimate email.

If you feel like doing the right thing you can then forward this email (with the more detailed header info) to the purported sender’s (e.g. AmEx, Apple, etc.) by sending it to abuse@… (e.g. abuse@americanexpress.com or abuse@apple.com)

Next Post

Previous Post