6 Ways to Identify a Phishing Campaign [Infographic]

The topic of phishing circulates news briefs, social media and government board meetings. It’s a hot topic, often talked about because of it’s relevance. It’s relevant, but it’s not a new story. The crafty workings of phishing campaigns have surfed the web for many years. Large businesses like Netflix, Google and DropBox have fallen victim to their strategic maneuvers.

READ ALSO: The Evolution of Phishing

What is phishing? The United States Computer Emergency Readiness Team identifies phishing as a form of social engineering that uses malicious emails to obtain personal information from an individual or company by posing as a trustworthy organization. These activities are often campaigned through email communications, but they also encompass voice messaging and social media. You can take Britney Spears’ Instagram malware comment link as a recent example.

Wombat Security’s 2016 State of the Phish report commented that:

“85 percent of organizations have suffered phishing attacks.”

As you see here, the story of phishing campaigns are too common. Yes, too common. As phishing becomes more popular, we should seek ways to eliminate this threat before it attacks our valuable assets.

According to Verizon, the vast majority of data breaches begin with a targeted phishing campaign against a business. With this said, it’s more important than ever to be able to identify well the possibilities of a phishing campaign when it arrives into your mail inbox. Straight from Intel, we learn that 97% of people around the world cannot identify a sophisticated phishing email. What! If phishing emails are as important as mentioned in these statistics, then managers, employees and the everyday consumer needs to learn how to identify a phishing campaign on the spot. We have you covered with these 6 ways to identify a phishing campaign.

Emails with generic greetings.

An email shows up in your inbox indicating that it’s from your private bank. It’s unusual, because you bank doesn’t often send out random emails. Businesses are pretty serious about their marketing efforts. If an email appears that seems very generic, it’s most likely a phishing campaign. It’s uncommon for a professional business to send out emails that are very generic.

Emails with poor spelling and grammar.

This reg flag is in conjunction with the already mentioned generic greetings. Messages from professional businesses are spell checked for grammar and spelling thoroughly. So, if a message arrives that has simple words misspelled, you can bet that it came from a malicious source.

Emails requesting personal information.

The email might display a fancy header and formal writing, but it remains to be a bad sign when the email asks for specific personal information. Business don’t ask customers to send important contact and banking information to them through email. This is just unheard of. If it happens to you, it’s safe to say it might be a phishing campaign.

Emails requesting an urgent response.

You just won the lottery, and you have less than 24 hours to collect the money. First, did you enter the contest? Second, why is it so urgent? Malicious criminals like to instill anxiety, fear and urgency to encourage you to make irrational and impulsive reactions. If the email is requesting an urgent response, it’s likely that it’s coming from a bad source.

Emails that sound too good to be true.

Like we learn in life, if it sounds too good to be true, it mostly likely is. You just won the lottery without entering. That seems like a wonderful and rare occurrence. Keep this in mind: If it seems too good to be true, it most likely is.

Emails with spoofed links.

Spoofed links are one of the best ways to determine if an email is phishing. Take your mouse and hover it over the top of the URL. This will show you the actual hyperlinked address. Once you see the link, look to see if it contains a child domain name. This is when the domain shows a double name. This is often used with large business like Google. For example, it can read like this: whatever.google.com.maliciousdomain.com. If you look hard enough you’ll see this difference.

It’s very important to train employees on how to recognize malicious emails as they arrive in their inbox. As the threat builds and criminals become strategic, having an effective information technology security plan and consistent phishing training can mean life or death for your data.

#Infographic. 6 ways to identify a #phishing campaign. – CLICK TO TWEET

Megan Thudium

Megan Thudium

Megan Thudium is a Berlin-based writer with a passion for curating actionable and enlightening content for business leaders. A seasoned author, her latest works encompass topics in travel, business and information security. Follow Megan on twitter @megan_thudium.

You may also like...

10 Responses

  1. July 21, 2017

    […] ALSO READ: 6 Ways to Identify a Phishing Attack […]

  2. July 27, 2017

    […] READ ALSO: 6 Ways to Identify a Phishing Campaign […]

  3. August 16, 2017

    […] SEE ALSO: 6 Ways to Identify a Phishing Campaign […]

  4. August 16, 2017

    […] 6 Ways to Identify a Phishing Campaign […]

  5. August 23, 2017

    […] READ ALSO: 6 Ways to Identify a Phishing Campaign […]

  6. September 28, 2017

    […] Wouldn’t it be great to know when you, your relatives and criminals logged into your accounts from other sources? This is a feature that’s been around for a time, and is very useful in making sure that you’ve logged out of all your online accounts when accessing on public computers. Again, Google offers the ability to look at these ‘online’ devices under your user settings, and DropBox sends notification emails, when logged in by a different IP address. Just be careful about potential phishing emails, and check out our guide to protect yourself against getting phished. […]

  7. October 25, 2017

    […] Get an indepth look at a suspicious email in 6 ways to identify a phishing email. […]

  8. October 27, 2017

    […] Get an indepth look at a suspicious email in 6 ways to identify a phishing email. […]

  9. November 7, 2017

    […] READ ALSO: 6 Ways to Identify a Phishing Campaign […]

  10. December 6, 2017

    […] can go a long, long way. In reference to online servers like DropBox, training your employee how to spot phishing emails can be very beneficial. By taking a second look at the faulty link, or recognizing the ‘tone […]

Leave a Reply

Your email address will not be published. Required fields are marked *