We have informed you about phishing attacks through emails and SMS, and how you can avoid them. Now, let’s dive deeper into how you can actually spot spam or phishing emails with your own eyes.
Receiving spam emails is something that we have gone through at some point before. You may have just scrolled past them, or deleted them immediately. But some of these can actually catch your attention, leading you to believe that it may be in fact a legitimate email or person trying to get in touch with you.
So, what does a spam or phishing email actually look like?
In this article, we will help you spot some signs to help you better organize your emails and make sure that you do not fall into a phishing trap. We are sharing some of the emails we have actually received for you to have a look and see if you have gotten one of these, as well.
This screenshot is owned by CLDY
This screenshot is owned by CLDY
“You won!”
“Congratulations!”
These are just example headliners of phishing emails that tell you something about winning big bucks through a lottery or a contest online. For someone who needs money, this can certainly catch someone’s eye. But if you look closely and click on the dropdown on the recipient’s name, this is what you will see:
This screenshot is owned by CLDY
Sign #1: Email Domain Is Different From Claimed Origin Business / Organization
In the screenshot above, the sender’s email address is complete gibberish. The domain is unrecognizable, and it does not reflect the establishment they claim they are a part of.
The original email says they are from “Lucky Creek Casino”, but the email domain is different (volcsoum.com and via cofeci.gov.br). This is one of the telltale signs that you just received a phishing email. Normally, an email from a specific organization would have the same domain (e.g. [email protected], [email protected]).
Sign #2: Requiring/Asking You For Sensitive Personal Information
This screenshot is owned by CLDY
This screenshot is owned by CLDY
In this email, you will see that it’s pretty harmless, and the domain looks fine – it’s a simple offer for financial aid or a loan. But if you read through, it tells you that it is REQUIRED for you to provide your bank account information. If you have experience applying for financial institutions online, you would know that some of them actually offer, or at times – encourage, crypto or mobile wallet options for disbursements due to their convenience. So, it seems that this particular email is telling you that you can sign up ONLY IF you provide your bank account information, and that is something that should not be given out to anyone, more so in an online form from an unrecognizable source.
Sign #3: Spelling And Grammatical Errors
In the screenshot posted below, you can see that the title itself is misspelt. Since there is no such word as “coperate”, we can only think that they meant either “corporate” or “cooperate”, which still would not make sense since this email is saying that the fax is from “Up”, which is also very vague.
This screenshot is owned by CLDY
Sign #4: Message Does Not Actually Make Sense
The above email is also an example of an email that does not have any content. It simply says that a document was scanned, but there were no details or attachments to confirm what it is. If curiosity gets the better of you, replying to this email would be the first thing. But that’s why we’re here – to let you know that you should veer from that reply button and not engage in these types of phishing emails.
Sign #5: Domain Is Non Existent
You can use your own web hosting service to determine if a domain is taken up or not, just like how you would do when you want to see if the domain you want is still available. While this may show that the domain is actually taken up, it can help you recognize if a domain or an organisation linked to that domain is legitimate. Some of these senders (like the one we mentioned in #1) would use a different email address as a cloak to conceal the real one they are using (which would oftentimes be a regular email from the usual platforms).
Some email platforms can already classify spam emails as such, so you don’t have to do the scouring yourself. SpamAssassin is one of the features you can utilise to make sure that these types of emails are kept out of your way.
These are just a few signs, but in reality, these scam and phishing emails are actually closer to looking like reliable emails than you would expect. Be always wary and think before you click to make sure you protect yourself from these security risks. These small steps pave your way towards being a smarter business owner, and an even better defender of your own information.