5 easy steps show to recognize malicious email

October 04, 2019

Imagine you will get an email from someone you know, or from some known organization or company. What will you do? Will you follow the instructions in the message? Even email which looks like a legitimate message is worth to check. How do you distinguish good email from a fraudulent one?

The best choice would be to ask the specialist, they can spot the difference and suggest what to do. But sometimes, there’s none available. Here are five tips that could help you.

First of all, you should think, whether you were really expecting this kind of email from this person / company, or not. If not, you should better check it. Even if the message seems urgent (for example message informing about the due date invoice). Some emails literally put pressure on the recipient. These emails are mostly scam emails.

So, before you even start to read the email text, take a look on a few details.

1. Look at the sender’s name and email

The sender’s email domain (after @ symbol) should match with the sender of the email. If the senders name does not match with the email (paypal@anything.com), it is probably scam. Scam could be sent from a public email domains (like Hotmail, Gmail). Exception to this could be marketing emails.

2. Check the sender’s domain

The domain name in the sender’s email address (after @) could seem right, but it also could be misspelled. There could be for example „gimletrnedima“ instead of „gimletmedia“. It could also confuse you. It is a really small detail, which could lead to so big problems. This technic could be used also with the sender’s name when public email service are used. For example, “torn.norrna1@” is not “tom.normal@”, therefore read the email address of the sender letter by letter.

Resource: Scamnet

3. Focus on content and grammar

Does the email contain unusual phrases or grammatical errors? Well, it could also mean the email is scam, because the sender used the online translator for writing the message. Many of the scammers are not from English speaking countries. Malicious email attempts to create the impression that urgent action is needed because, for example, your bank account was locked out. Such emails are unfortunately quite common. Don’t get excited, stop and think.

4. Beware of links and attachments

If there are suspicious attachments or links, you should be careful. You could be tricked to click on the link (for example to download an invoice) for some reasons. For example because of your login updates (into your bank account). Both could lead to your sensitive data loss or to malware installation into your computer or phone. Bare clicking on the link can lead to infection of your device.

Keep in mind that it is better and more secure to refuse tempting offer and not use the “quick fix” in the form of the direct link to click or an attachment. Log in to your websites directly in the browser or application. Call your bank using publicly known client service phone number. And if you’ve received the email written in the language you do not understand, ask for help.

5. Bad buttons, icons and images

Links could be hidden in the buttons, icons or images. Web address should match with the official web address of the sender. Before you click on a button, hover your mouse over the button and the complete destination address will appear at the bottom of the message or as a tooltip next to the mouse cursor.

If you will check the email message, you could identify scam in a short time and prevent any damages. If you are unsure what to do, consult the specialist for help.