What are Phishing Emails and How to Identify Them

Phishing emails

A phishing attack occurs when a cybercriminal attempts to trick individuals by creating and sending fake emails appearing to be from an authentic source. The email could ask users to confirm personal account information or prompt them to open a malicious attachment, infecting their computer. Identify a phishing email by considering if:

  1. The email asks you to confirm personal information
    Emails arrive in your inbox and look authentic. Whether this email matches the style typically used by you or that of an external business such as a bank, hackers go to painstaking lengths to ensure their phishing email imitates the real thing. Always question emails requesting confirmation of personal information that you would not usually provide such as banking details, login credentials, or personal information. 

  2. The web link or email address do not look genuine
    Phishing emails come from addresses that appear to be real at a quick glance. However, after a moment of scrutiny, you will notice a capitalized letter is or slightly misspelled company name, revealing the web link or email address is fraudulent.

  3. The email is poorly written
    Often phishing emails contain poor language and have a lot of spelling mistakes in the body of the message. Read the email and check for spelling and grammatical mistakes, as well as strange turns of phrase. If have received an unexpected email from a company and it’s riddled with mistakes, it’s usually a phish. 

  4. There is a suspicious attachment
    Alarm bells should ring if you receive an email containing an attachment from a company out of blue. These attachments usually contain malicious content that infects your computer and network. Always be suspicious of attachments for malicious content even if they are coming from a reliable location and double check the source.

  5. The message makes you panic
    Phishing emails commonly attempt to instill panic. The email may claim your account has been compromised and the only way to regain security is to enter personal information. It may ask you to enter payment information quickly so your accounts aren’t closed. If you receive these requests, contact the business directly before delivering your personal information – locating contact information from a source outside the suspicious email. 

Even if you believe you know the source, double check all suspicious or questionable emails before entering personal information, opening attachments, or clicking on links to avoid phishing attacks. Links in emails, social media posts, and online advertising are common ways cyber criminals steal your identity.

Author Bio: Mike James is a Brighton based writer and cybersecurity professional who specializes in penetration testing, ethical hacking and other cybersecurity issues facing businesses of all sizes.




Get ahead and kickstart your career at FCI.

View Job List