SCAM ALERT!
David received this phishing attempt email this morning, and we decided to share it with you to see if you too can identify some major red flags that mark this email as a scam.
The first place to start is with the email address of the sender. In this case, this email was not only unfamiliar but also quite long. The length and complexity of the email address is a serious sign that this is not from a reputable sender. Another good sign to look out for? A well-known entity at a public email domain. For example, a clear fake would be something like WellsFargoSecurity @ gmail.com. Your bank will not be emailing you from a Gmail account, we promise.
The second red flag is the conspicuous lack of detail. See how there are no other options listed in the email? No number to call with questions, no attached PDF with step-by-step instructions, no warning emails ahead of this one. The only details about the recipient are clearly garnered from the email address itself – David’s name and organization. The lack of information can point to a hacking attempt.
The third red flag is more nuanced. Look at the phrasing of this email. Everything feels professional, yes, but also urgent. The hacker does not want you to take any time to second-guess what they are asking you to do. They are trying to scare you into action, before you’ve had a chance to think, or talk to your IT department. “Your access ends today.” “Use this link within 48 hours.” “Attention David.” All of these phrases are intended to elicit an immediate response from you – they want you to click the big blue button.
Lastly, let’s talk about the button itself. Although it’s not possible to do on the above screenshot, if you receive a similar email, you can always investigate the button offered to you. Right-click on the button and choose “copy link address,” and then open a sticky note, notepad, or Word application and paste. What does it say? Does it match the “sender’s” organization? If it doesn’t – red flag!
We hope this information helps keep you and your business secure. Please feel free to share with your staff, colleagues, friends, and family. And if you’re interested in more in-depth cybersecurity training, let us know! We offer classes to train your staff and make your business more resilient to outside threats.
Recent Comments