6 Ways to Help Identify a Malicious Email

Remember when you could easily identify phishing emails because they all came from a foreign prince who wanted to share his wealth with you? As with all cyber attacks, malicious emails have evolved to the point where they look like they came from the person or company the bad actor is trying to imitate. Here are some things to watch out for:

  1. You don’t know or trust the sender – Not all malicious emails come from an unknown sender (see Google Docs Phishing Attack), but many will.
  2. Spelling errors – These could be in the company name, email domain, or anywhere throughout the email.
  3. The “To:” line looks suspicious – This could mean it is blank or contains an email address that doesn’t look legitimate.
  4. You are asked to verify account information or an order you don’t remember placing – When in doubt, do not click links in the email. Go to the webpage you typically log into without clicking links and make changes and/or verify information from there.
  5. An attachment asks you to enable Macros – Macros are instructions that execute a task, and are typically disabled for most users. If you do open an attachment asking you to enable them, DO NOT click to enable.
  6. There is an offer that seems too good to be true – It could be a gift card you weren’t expecting, or a link to discounted items from a retailer that doesn’t typically offer discounts.

These aren’t fool proof – we’re all human and can make spelling errors, hackers can gain access to email accounts and send emails posing as a person you trust – but when you can recognize some of the tip-offs potentially dangerous emails may contain, you will build up the Human layer of security around your network.