5 Ways to Spot a Phishing Email at Work

Of all the cyber threats that are out there, phishing is probably the most pervasive. 

Because of their convenience and effectiveness against the most susceptible targets, phishing has long been popular with hackers. According to Verizon’s 2019 study, phishing is the top cause of company data breaches around the world. 

While phishing attacks may differ in degrees of complexity, the basic idea is always the same: An innocent recipient opens an email or text message that is tainted with malware. In one popular type of phishing attack, the malware is an email attachment that executes when downloaded. In another form, the phishing email has a hyperlink that connects to a malware-infected website. 

Phishing emails are effective because they appear to be legitimate. Typically, it will seem urgent and address the would-be victim by name. A more advanced tactic referred to as spear phishing adds even more complexity by making the email appear to be from a trusted source, such as the recipient’s actual bank. 

Phishing attacks are aimed at both individuals and organizations. For individuals, the objective is usually is identity theft. For companies, the objective is commonly data theft. 

Therefore, in your personal and in your professional life, you should not take phishing emails lightly. Your business ought to have structures and strategies to defend against these cyberattacks. In addition to countermeasures, you should also be able to identify suspicious emails. Below is a short list of five ways to spot a potential phishing email. 

1) Poor Grammar and Spelling   

One dead giveaway that a professional-looking email is a phishing attack is bad spelling and grammar. Many businesses use automated spell-checking to prevent outgoing emails from having glaring mistakes, and bad spelling/grammar is typically the result of a cyber-criminal having a poor grasp on English. 

2) An Odd Salutation 

Emails sent among professional colleagues generally have an informal salutation. Emails that begin with “Dear” or have an odd way of addressing you are from sources outside your field and should be viewed suspiciously. 

3) Technical Inconsistencies 

A different way how to identify phishing is spotting inconsistencies in things like contact information and domain names. For instance, an email identifying itself as coming from PayPal should have something close to an “@paypal.com” is the sender’s email address. 

To check to see if the sender’s address is from the correct organization, hover your mouse pointer over the sender’s name and to see what email address pops up. 

4) Unusual Attachments 

These days, most professional file sharing is done with cloud-based platforms like OneDrive or Dropbox. Therefore, if an email has an unexpected attachment, it ought to be treated suspiciously. 

5) An Offer That is Too Good to Be True 

Scams that offer something that seems too good to be true predate email. If you receive an unexpected offer that seems almost too generous, conduct Google Searchers, or use other communications channels to confirm if the offer is real. Do not reply, open attachments, or click on links in the email until you’ve verified the offer’s authenticity through multiple sources. 

For Your Next Job with a Safe, Secure Talent Partner 

At Career Concepts, we take cybersecurity very seriously and have robust data-protection measures in place. Please contact us today to find out how we can safely and securely find your next job.