
5 Best Ways to Spot a Fake Email

I’ve started this blog in order to be able to help regular people who might not be very tech savvy (Mom, I’m looking at you), and might be more prone to being scammed or lied to. That being said, I will try to explain this in the most layman way possible.

I was going to start with explaining what phishing is, but maybe I will dedicate a whole post just to that, and just give you the basics on what and how you need to check, without needing to know what it’s technically called and what kind of technology it uses.

So, here it is:

Make sure you always check who the email is coming from. I will be showing pictures on how it’s done in Gmail, but all email providers have similar ways.

You can see below that this email is claiming to come from PayPal service@paypal.co.uk, but it's actually coming from paypaihelpsecure@gmail.com. The Reply-To address is also different: paypaucustomers@consultant.com. So it's actually coming from a Gmail address, and considering that anyone can open a Gmail address and call it whatever they want, it is quite obvious that this message did not come from PayPal. For reference, I've also added a real PayPal email, so that you can see the difference.

In the real email, you can see it is coming from service@paypal.co.uk, and further, that it is Signed by paypal.co.uk, which means the website has been verified by a third party certification authority and has been issued a certificate to confirm that the email is really coming from paypal.co.uk.

Also, make sure you check the certificate field too. See below for emails sent from my own email address, ending in @infosecwise.com: if I can do it, anyone can do it. To be honest, the certification check is not bulletproof, because any idiot can register a certificate, but it does lower the chances of email scams significantly.
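For readers who want to see the same sender checks done on the raw message headers, here is an added example (not part of the original post). The two sample messages are constructed from the addresses quoted above, and the function names and the `mx.example.net` host are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample headers, built from the addresses quoted in the post.
FAKE = (
    'From: "PayPal service@paypal.co.uk" <paypaihelpsecure@gmail.com>\n'
    "Reply-To: paypaucustomers@consultant.com\n"
    "Authentication-Results: mx.example.net; dkim=pass header.i=@gmail.com\n"
    "Subject: Constructed subject\n\nConstructed body\n"
)
REAL = (
    'From: "PayPal" <service@paypal.co.uk>\n'
    "Authentication-Results: mx.example.net; dkim=pass header.i=@paypal.co.uk\n"
    "Subject: Constructed subject\n\nConstructed body\n"
)

def belongs_to(address_or_domain, expected):
    """True if the domain part equals `expected` or is a subdomain of it."""
    dom = address_or_domain.rsplit("@", 1)[-1].lower().rstrip(".")
    return dom == expected or dom.endswith("." + expected)

def sender_warnings(raw, expected):
    """Return reasons to distrust a message that claims to be from `expected`."""
    msg = message_from_string(raw)
    expected = expected.lower()
    warnings = []
    # 1. The address between < >, not the display name, is the real sender.
    _name, sender = parseaddr(msg.get("From", ""))
    if not belongs_to(sender, expected):
        warnings.append("sender address is " + sender)
    # 2. Replies go to Reply-To when it is set, so check it as well.
    _name, reply_to = parseaddr(msg.get("Reply-To", ""))
    if reply_to and not belongs_to(reply_to, expected):
        warnings.append("replies go to " + reply_to)
    # 3. What Gmail shows as "signed-by": the domain of a passing DKIM
    #    signature. Only trust this header when your own provider added it.
    results = " ".join(msg.get_all("Authentication-Results", []))
    signed = re.findall(r"dkim=pass[^;]*?header\.[di]=([^\s;]+)", results)
    if not any(belongs_to(d, expected) for d in signed):
        warnings.append("not signed by " + expected)
    return warnings

if __name__ == "__main__":
    for label, raw in (("fake", FAKE), ("real", REAL)):
        print(label, sender_warnings(raw, "paypal.co.uk"))
```

Note that the fake message does carry a valid signature, but it is for gmail.com, which is why the signing domain has to be compared with the organization the email claims to be from.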

Do they know your name, last name, any other personal information? Attackers will very often not have your personal information, simply because they don’t know you, they are just trying their luck by sending this email to thousands of people, hoping that someone might bite. Please do note that your email address does not count as them knowing you. So, unless the email starts with Hi, Your Name, then you should proceed with caution. 

Is their English so bad, it's literally hurting your eyes? Yup, this is a real one, and probably the easy one to recognize. Attackers are very often coming from foreign countries where cyber security laws are lenient or non-existent, so you can expect their English to be very low level. If you receive an email claiming to be from your bank, but it has like 10 spelling and grammar errors, it is obviously not from your bank.

Are there any weird-looking pictures or files? Attachments are always a hard one. Attackers are trying to cash in on your curiosity, and they can often lure you into clicking a file, a picture or a link in the email body, so that they can perform malicious actions on your PC or mobile device. Do not do it. If you are unsure, just hover over the image or button. Just hover, don't click!! Your browser will show you the destination in the bottom left corner. Whoa, that's definitely not Airbnb.

Have they called for your action? Have they asked you to respond to the email, or do something else, like clicking a link or downloading a file? Send them money? Don't do it. This is the most obvious of them all. Attackers are usually motivated by monetary gain, so they will try in all ways possible to get that out of you, whether by socially engineering their way into making you do it yourself, or by infecting your device with malware, such as ransomware. So if you see any call to action, just simply do not do it. All kinds of bad things can happen.

I’ll leave you with that. Not all of these five factors will be present every time, but even if you just see one, it’s quite the reason to report the email address, block the sender, delete the email and never speak of it again!!! 🙂 Unless it is to educate your friends about this. But don’t put them at risk by forwarding that email to them, just show them this nice blog post where they can read about it. 🙂

Stay Safe. Educate Others. Share.
