{"id":496,"date":"2024-11-20T15:46:55","date_gmt":"2024-11-20T14:46:55","guid":{"rendered":"https:\/\/digitaltran.eu\/transformation\/?p=496"},"modified":"2024-11-20T15:46:55","modified_gmt":"2024-11-20T14:46:55","slug":"phishing-emails","status":"publish","type":"post","link":"https:\/\/digitaltran.eu\/transformation\/index.php\/2024\/11\/20\/phishing-emails\/","title":{"rendered":"How to Recognize Phishing Emails and Hidden Links"},"content":{"rendered":"\n

Just one simple email can halt all the production in your company, potentially causing the loss of millions of EUR\/US$ per day – that’s serious!<\/p>\n\n\n\n

Phishing attacks, generally via email also via SMS, one of the oldest and most effective forms of cyberattack, are becoming increasingly sophisticated. Even experienced users, including cybersecurity experts, can be tricked. Why is that?<\/p>\n\n\n\n

In today\u2019s criminal landscape, some rogue organizations or governments employ psychologists and psychiatrists to craft highly convincing emails and links, and even create mock identical websites that mimic your company\u2019s website.<\/p>\n\n\n\n

For many, identifying phishing emails \u2013 especially those with hidden or deceptive links, often through text or a button \u2013 can be challenging. This article provides a quick guide and an example on how to spot these threats:<\/p>\n\n\n\n

\n\n\n
\n
\"\"
Phishing or not a phishing email<\/strong><\/figcaption><\/figure><\/div>\n\n\n
\n\n\n\n

1. Start at the top: Look for Suspicious Sender Information<\/h3>\n\n\n\n

Phishing emails often come from addresses that seem familiar but have subtle anomalies. Always check the sender\u2019s email carefully:
\u2022 Misspelled company names.
\u2022 Generic email domains like @gmail.com<\/code> instead of company-specific domains, as legitimate companies should use their own domain.
\u2022 \u201cUndisclosed recipients\u201d or other oddities in the recipient field.<\/p>\n\n\n\n

2. Examine the Email Content for Urgency or Threats<\/h3>\n\n\n\n

Phishing emails often create a false sense of urgency, for instance \u201cYour account will be locked or suspended!\u201d. Legitimate companies don\u2019t pressure users this way. If the message seems too urgent or threatening, be skeptical and call the sender directly \u2013 taking a few minutes to verify can save you much more time in the long run, and possibly even prevent legal issues.<\/p>\n\n\n\n

3. Hover Over Links Without Clicking<\/h3>\n\n\n\n

A key sign of phishing emails is the presence of misleading links. Hover your mouse pointer over any link (without clicking<\/strong>) to check where it actually leads \u2013 a bubble will pop up with the address or appears in the status bar \u2013 see picture (look at the beginning, the domain name \u201cexample.com\u201d, and not the rest behind). Look for:
\u2022 Discrepancies between the visible link and its destination.
\u2022 Misspelled domain names or extra characters in the URL.
\u2022 Shortened links, which are often used to disguise malicious destinations.
\u2022 If your web browser\u2019s security is disabled, check for the \u201chttps:\/\/\u201d (see picture) prefix in the URL to ensure the connection is secure.<\/p>\n\n\n\n

\n\n\n\n
\"Check
Check thoroughly the email!<\/figcaption><\/figure>\n\n\n\n
\n\n\n\n

4. Look for Generic Greetings<\/h3>\n\n\n\n

Phishing emails often use generic phrases like \u201cDear Customer\u201d or \u201cHello Dear\u201d instead of addressing you by name. Genuine emails from companies you\u2019ve dealt with will usually address you by your full name or username.<\/p>\n\n\n\n

5. Verify with the Source Directly<\/h3>\n\n\n\n

If an email asks you to take immediate action (e.g., reset your password, make a payment), go directly to the company\u2019s official website or contact their support team by phone. Never trust the links in the email itself.<\/p>\n\n\n\n

6. Check for Spelling and Grammar Errors<\/h3>\n\n\n\n

Many phishing emails are poorly written, with awkward phrasing, missing punctuation, or spelling mistakes. Legitimate companies usually proofread their emails carefully. In case of doubt, call the sender directly to confirm (sometimes the official language isn\u2019t the sender’s mother tongue).<\/p>\n\n\n\n

Conclusion<\/h3>\n\n\n\n

Recognizing phishing emails requires vigilance, but by following these simple steps, you can protect yourself from falling victim to these types of attacks.
Don\u2019t dismiss the narratives like, \u201che (she) is overdramatic…\u201d. It\u2019s better to be a bit overdramatic than to be sorry afterward.
When in doubt, don\u2019t click any links, and always verify through official channels.<\/p>\n\n\n\n

New Threats!<\/h3>\n\n\n\n

There\u2019s now a new threat \u2013 although not entirely new but making a comeback \u2013 called snail mail (physical mail) phishing or scams:<\/p>\n\n\n\n

Some months ago, I received a \u201cletter\u201d claiming to be from my bank. How did I recognize it as a scam? As simple as it was, the stamp! Everything else about the letter was identical to the official correspondence my bank typically sends. This highlights the importance of scrutinizing even traditional communication channels, as scammers are increasingly adept at mimicking legitimate mail, telephone calls, and messaging.<\/p>\n\n\n\n

As a side note, I don\u2019t<\/strong> even use<\/strong> traditional telephone<\/strong> calls for secure or highly private communications, instead, I rely on one of the most secure messaging apps.<\/p>\n\n\n\n

But this is a topic for a future article!<\/p>\n\n\n\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

Just one simple email can halt all the production in your company, potentially causing the loss of millions of EUR\/US$ per day – that’s serious! Phishing attacks, generally via email also via SMS, one of the oldest and most effective forms of cyberattack, are becoming increasingly sophisticated. Even experienced users, including cybersecurity experts, can be … Continue reading How to Recognize Phishing Emails and Hidden Links<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":500,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11,103],"tags":[95,160,28,21,23,161,155,17,162],"class_list":["post-496","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cyber-security","category-dark-web-tor","tag-ai","tag-artificialintelligence","tag-corporates","tag-cybersecurity","tag-data","tag-email","tag-phishing-2","tag-security","tag-sms"],"_links":{"self":[{"href":"https:\/\/digitaltran.eu\/transformation\/index.php\/wp-json\/wp\/v2\/posts\/496","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/digitaltran.eu\/transformation\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/digitaltran.eu\/transformation\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/digitaltran.eu\/transformation\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/digitaltran.eu\/transformation\/index.php\/wp-json\/wp\/v2\/comments?post=496"}],"version-history":[{"count":2,"href":"https:\/\/digitaltran.eu\/transformation\/index.php\/wp-json\/wp\/v2\/posts\/496\/revisions"}],"predecessor-version":[{"id":502,"href":"https:\/\/digitaltran.eu\/transformation\/index.php\/wp-json\/wp\/v2\/posts\/496\/revisions\/502"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/digitaltran.eu\/transformation\/index.php\/wp-json\/wp\/v2\/media\/500"}],"wp:attachment":[{"href":"https:\/\/digitaltran.eu\/transformation\/index.php\/wp-json\/wp\/v2\/media?parent=496"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/digitaltran.eu\/transformation\/index.php\/wp-json\/wp\/v2\/categories?post=496"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/digitaltran.eu\/transformation\/index.php\/wp-json\/wp\/v2\/tags?post=496"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}