What is Email Phishing and how to detect & prevent phishing emails?
What is Email Phishing? How to detect a phishing email?
Email phishing is a form of social engineering. Phishing is the method of sending a deceptive email to make the recipient reveal sensitive information, click on a link or download a malicious file. Email phishing has been around for a long time, and over time bad actors have become cleverer and more sophisticated. Phishing emails almost always ask the recipient to take an action from the email. The sender (bad actor) might use authority, familiarity, urgency and scarcity as tactics to get the recipient to take action.
What are some of the most common phishing types?
Spear Phishing is sending phishing emails targeted at a single individual or a group of people. Spear phishing emails are generally more sophisticated than regular phishing emails. They might include the recipient's personal details, gathered from a data breach or from social media.
Whaling is sending phishing emails targeted at the senior management of a company, for example the CEO, CFO, etc.
Vishing is the act of social engineering people over the phone. It is similar to phishing, but the medium used to communicate is the telephone. These types of attacks have been increasing recently.
Smishing: although we don't hear this term often, it is nothing but phishing via SMS messages, that is, sending SMS messages to the recipients and asking them to click on a link.
How to spot the Phishing emails?
Although these emails are getting more sophisticated, here are 5 ways to spot a phishing email.
The most common giveaway in detecting a phishing email is the sender's email address. Either the email is sent from a personal email address such as Gmail, Yahoo Mail, Hotmail, etc., or it is sent from a similar-looking email domain. For example, your organization's email domain is Microsoft.com and you receive an email from Micr0soft or Mlcrosoft or something similar. If the email is coming from your own email domain and looks suspicious, report it to your IT department.
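The sender check described above can be automated. The following is an added example, not part of the original article: it classifies a From header as own-domain, freemail, lookalike or external. The freemail list, the homoglyph table and the edit-distance threshold of 2 are assumptions chosen for illustration, and `.com` is appended to the article's Micr0soft and Mlcrosoft examples to make constructed sample addresses.

```python
from email.utils import parseaddr

# Constructed lists for illustration; extend them for your environment.
FREEMAIL = {"gmail.com", "yahoo.com", "hotmail.com", "outlook.com"}
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "i": "l", "3": "e", "5": "s"})


def skeleton(domain):
    """Fold look-alike characters so 'micr0soft' and 'mlcrosoft' match 'microsoft'."""
    folded = domain.lower().translate(HOMOGLYPHS)
    return folded.replace("rn", "m").replace("vv", "w")


def edit_distance(a, b):
    """Levenshtein distance, to catch added, dropped or swapped letters."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_sender(from_header, org_domain):
    """Return 'own-domain', 'freemail', 'lookalike', 'external' or 'unparseable'."""
    _, addr = parseaddr(from_header)
    if "@" not in addr:
        return "unparseable"
    domain = addr.rpartition("@")[2].lower()
    org = org_domain.lower()
    if domain == org:
        return "own-domain"  # still report it if the content looks suspicious
    if domain in FREEMAIL:
        return "freemail"
    # Threshold 2 is an assumption; short domains need a tighter limit.
    if skeleton(domain) == skeleton(org) or edit_distance(domain, org) <= 2:
        return "lookalike"
    return "external"


if __name__ == "__main__":
    # Constructed sample headers.
    for hdr in ("IT Support <helpdesk@micr0soft.com>", "HR <hr@mlcrosoft.com>",
                "Accounts <accounts@gmail.com>", "Partner <billing@contoso.com>"):
        print(hdr, "->", classify_sender(hdr, "microsoft.com"))
```

The display name is ignored on purpose: only the address domain is compared, because the display name is free text the sender controls.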
These phishing emails are usually poorly written. Grammar and spelling mistakes are quite common. You can also spot generic details, such as the currency being $ although you are outside the USA, or sometimes no currency at all. The emails also start with generic terms when addressing the recipient, something like ‘Dear sir’, ‘Dear customer’, ‘Dear madam’, etc.
Almost all phishing emails ask the recipient to take an action, usually by clicking a link or replying to the email with details. If the email is asking you to click on a link, ask yourself: ‘Am I expecting this email?’, ‘Is this genuine?’, ‘Is it coming from a known source?’. You can also check the hyperlink by hovering your mouse over it. Is the link really taking you to the place that it said it would? Think of the recent COVID-19 related phishing emails.
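The hover check can be done programmatically on an HTML email body. This added example (not from the original article) lists links whose visible text names one host while the `href` points to another. The sample HTML and its hosts are constructed, and comparing exact hostnames is a simplifying assumption.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit


class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links = []
        self.href = None
        self.text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.href = dict(attrs).get("href") or ""
            self.text = []

    def handle_data(self, data):
        if self.href is not None:
            self.text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self.href is not None:
            self.links.append((self.href, "".join(self.text).strip()))
            self.href = None


def host_of(value):
    """Lowercase host if value looks like a URL or bare domain, else ''."""
    value = value.strip()
    if "://" not in value:
        value = "//" + value  # lets urlsplit treat a bare domain as a host
    try:
        host = urlsplit(value).hostname or ""
    except ValueError:
        return ""
    return host if re.fullmatch(r"[a-z0-9-]+(\.[a-z0-9-]+)+", host) else ""


def mismatched_links(html):
    """Return (text, href) pairs where the text claims a different host."""
    parser = LinkCollector()
    parser.feed(html)
    return [(text, href) for href, text in parser.links
            if host_of(text) and host_of(href) and host_of(text) != host_of(href)]


# Constructed sample body: the first link shows one host and opens another.
SAMPLE_HTML = (
    '<p>Sign in at <a href="http://login.example.net/microsoft">www.microsoft.com</a>'
    ' or <a href="https://portal.example.com/reset?id=1">https://portal.example.com/reset</a>.'
    ' <a href="https://example.org/help">Need help?</a></p>'
)
```

Links whose text is plain wording such as "Need help?" are not flagged, because the text makes no claim about the destination; those still need the questions above.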
The phishing emails use urgency, scarcity, authority, familiarity and intimidation to make the recipient take an action quicker. Ask the same questions that were described in the above ‘links’ section.
Some phishing emails are sent with malicious attachments that contain some sort of malware or payload. Only open attachments if you are 100% sure they come from a genuine source and you are expecting the attachment. The attachments can come in many forms, such as Doc, PDF, ZIP, etc.
How to prevent a phishing attack?
95% of successful cyber attacks start from an email. We looked into how to detect a phishing email above; now let’s look into how to prevent a phishing attack. Preventing 100% of phishing attacks can be too ambitious. However, our goal here is to reduce the risk to an acceptable level. There are two different types of controls to prevent phishing attacks: technical controls and administrative controls.
Technical controls such as enabling anti-spoofing and two-factor authentication can mitigate the risk of phishing attacks substantially. Anti-spoofing can be enabled on your email filtering solution. It essentially stops emails that claim to come from your own email domain but were created outside the organization. Two-factor authentication then stops bad actors from compromising the email accounts.
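The anti-spoofing rule described above, as an added example that is not from the original article or from any filtering product: an inbound message is flagged when its From address uses your own domain but your gateway did not record a DMARC pass for it. It assumes the gateway writes an `Authentication-Results` header; `example.org` and `mx.example.org` are placeholder names and the messages are constructed.

```python
import re
from email import message_from_string
from email.utils import parseaddr


def spoofs_own_domain(raw_message, org_domain, trusted_authserv):
    """True if an inbound message claims our domain without a trusted DMARC pass."""
    msg = message_from_string(raw_message)
    _, addr = parseaddr(msg.get("From", ""))
    if addr.rpartition("@")[2].lower() != org_domain.lower():
        return False  # not claiming to be from our domain
    for value in msg.get_all("Authentication-Results", []):
        authserv, _, results = value.partition(";")
        if authserv.strip().lower() != trusted_authserv.lower():
            continue  # written by another host, possibly the sender: ignore it
        verdicts = dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)", results))
        return verdicts.get("dmarc") != "pass"
    return True  # our domain in From, but our gateway recorded no verdict


# Constructed inbound messages as they look after passing mx.example.org.
SPOOFED = (
    "Authentication-Results: mx.example.org; spf=fail smtp.mailfrom=mailer.example.net;\n"
    " dmarc=fail header.from=example.org\n"
    "From: CEO <ceo@example.org>\nSubject: Urgent payment\n\nPlease pay today.\n"
)
GENUINE = (
    "Authentication-Results: mx.example.org; spf=pass smtp.mailfrom=example.org;\n"
    " dkim=pass header.d=example.org; dmarc=pass header.from=example.org\n"
    "From: CEO <ceo@example.org>\nSubject: Minutes\n\nAttached.\n"
)
# The sender inserted its own 'pass' header; only the gateway's verdict counts.
FORGED_HEADER = (
    "Authentication-Results: mx.example.org; dmarc=fail header.from=example.org\n"
    "Authentication-Results: mx.attacker.example; dmarc=pass header.from=example.org\n"
    "From: CEO <ceo@example.org>\nSubject: Invoice\n\nSee link.\n"
)
EXTERNAL = "From: Supplier <sales@example.net>\nSubject: Quote\n\nHello.\n"
```

The function is meant for mail arriving from outside; internal mail that never crosses the gateway carries no such header and would need a separate path.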
Administrative controls such as Security Awareness Training for staff and robust procedures for updating sensitive details about suppliers/customers can mitigate the risk too. Although technical controls to mitigate the risk of phishing attacks work well, there is no substitute for training your staff and increasing awareness across the board. At the end of the day, it is the end-user who is interacting with these emails and they are the ones who will be taking action.
There are a number of Security Awareness training companies with ready-made training content. We recommend the KnowBe4 Email Phishing and Security Awareness Training platform. (Disclaimer: we are one of the biggest KnowBe4 partners.) Others include Cofense, Proofpoint, Cybsafe, etc. KnowBe4 is the leader in Gartner’s magic quadrant as well as the highest rated & reviewed platform on Gartner’s peer reviews. The most famous social engineer, Kevin Mitnick, is part of KnowBe4 and he is one of the leading content creators on the platform too.
Please get in touch if you have any further questions or if you need help with your Security Awareness Training program. You can always kick-off by measuring your Phish Prone percentage.