By David Rossell on Feb 6, 2017

How to Identify a Phishing Scam

Phishing—It’s not just about investment opportunities in Nigeria anymore! It wasn’t that long ago that the most sophisticated scam email we would see in our inboxes was a note from some supposed businessman looking for assistance with a cash transaction.  The threat landscape has changed dramatically in the past year, with phishing emails becoming more advanced and almost indistinguishable from legitimate email.  All is not lost, however, and this guide will provide some tips for identifying the wolves among your flock of otherwise peaceful email.

What is phishing?
At the simplest level, it’s a fraudulent piece of email engineered to get you to complete a task you otherwise would not perform.  Those tasks might be transferring money to an account in the Caymans, providing a stranger with your login credentials, or installing a virus on your computer.  Phishing attacks succeed because they fool you into thinking they are messages from something or someone that you trust, and attackers are getting better and better at pretending to be trustworthy.  You’ll receive phishing emails that seem to be from people you know, maybe even your boss.

How do I tell a phishing email from a legitimate one?
How do you know that your boss really isn’t telling you to transfer $10,000 to a numbered offshore bank account?  You need to pay attention to the details in a message.  Most phishing scams look similar to something that you’d receive from a legitimate source, but rarely are they identical to legitimate messages.

For example, you may receive a message from Citibank telling you to log into your account and providing a link to check on a transaction.  You know, however, that your bank has told you that it never sends you emails with login links.  That discrepancy is your clue.

Links in the suspicious email are your best indicator that something is phishy.  Take the screenshot below:

When I placed my cursor over the link WITHOUT CLICKING, it showed the link’s URL.  This link clearly wasn’t going to FedEx.  You’ll notice as well that the FedEx address isn’t even correct.

Many phishing emails are closer to the real thing than this one is, but the same techniques apply.  If you receive an email with an Office 365 document link, for example, all you need to do is hover your cursor over that link.  You’ll notice that the link does not go to office.com or microsoft.com, but to some random website that the phisher hijacked.
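The hover check above can also be done in code, which is useful for a help desk triaging forwarded messages. The following is an added example written for this post, not code from the original article or any vendor: it pulls every link out of an HTML email body and flags two of the discrepancies discussed above, a visible URL that does not match the real target, and a link that names a brand (FedEx, Office 365, Microsoft) but points somewhere other than that brand’s domain. The brand-to-domain table and the sample message are constructed for illustration, and the registered-domain helper is a deliberate simplification.

```python
"""Flag links in an HTML email body whose real target disagrees with what the
reader sees, i.e. the 'hover over the link without clicking' check done in code.

Added example, not the original post's code. BRAND_DOMAINS and SAMPLE_HTML are
constructed for illustration; adjust the table for the brands your users see."""
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed table: brand names the post mentions and the registered domains a
# genuine message from that brand would link to.
BRAND_DOMAINS = {
    "fedex": {"fedex.com"},
    "office 365": {"office.com", "microsoft.com"},
    "microsoft": {"microsoft.com", "office.com"},
}

# Matches something that looks like a hostname inside visible link text,
# e.g. "www.fedex.com" in "www.fedex.com/track".
DOMAIN_IN_TEXT = re.compile(r"(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})", re.I)


def registered_domain(host: str) -> str:
    """Reduce 'track.mail.fedex.com' to 'fedex.com'.

    Simplification: keeps the last two labels, so it is wrong for suffixes such
    as 'co.uk'; use a public suffix list in production."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs from every <a> tag in the body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def find_suspicious_links(html: str, brand_domains=BRAND_DOMAINS):
    """Return a list of (href, reason) for links that fail the hover test."""
    collector = LinkCollector()
    collector.feed(html)
    findings = []
    for href, text in collector.links:
        host = urlparse(href).hostname if href else None
        if not host:
            continue  # mailto:, anchors, or malformed hrefs: nothing to compare
        target_dom = registered_domain(host)

        # 1. The visible text shows one hostname, but the link goes elsewhere.
        shown = DOMAIN_IN_TEXT.search(text)
        if shown and registered_domain(shown.group(1)) != target_dom:
            findings.append((href, f"shows {shown.group(1).lower()} but goes to {host}"))
            continue

        # 2. The text names a brand, but the target is not that brand's domain.
        lowered = text.lower()
        for brand, domains in brand_domains.items():
            if brand in lowered and target_dom not in domains:
                findings.append((href, f"mentions {brand} but goes to {host}"))
                break
    return findings


# Constructed sample body: two phishy links and two genuine ones.
SAMPLE_HTML = """<p>Your package could not be delivered.</p>
<p>Track it here: <a href="http://evil-tracking.example/fedex">www.fedex.com/track</a></p>
<p>Or open the <a href="http://hijacked-site.example/doc">Office 365 document</a>.</p>
<p><a href="https://www.fedex.com/tracking">Genuine FedEx tracking</a></p>
<p><a href="https://www.microsoft.com/office">Office 365 portal</a></p>
"""

if __name__ == "__main__":
    for link, reason in find_suspicious_links(SAMPLE_HTML):
        print(f"SUSPICIOUS: {link} ({reason})")
```

Run on the constructed sample, the script reports the two forged links and stays quiet about the two genuine ones. The brand check is only as good as the table, so a help desk would seed it with the brands and internal tenant domains their users actually receive mail from.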

Ha!  I’ve spotted a phishing email.  Now what?
Please forward it to your IT help desk so they can analyze the message and configure the spam filter to have a better chance of stopping the phishing message in the future.

Where can I learn more about phishing?
https://www.us-cert.gov/ncas/tips/ST04-014
Offers some basic tips.

https://www.it.cornell.edu/security/phishbowl.cfm
Is Cornell’s database of current phishing scams they’re seeing on campus.  It’s a great way to familiarize yourself with the types of messages out in the wild.

http://www.consumerreports.org/money/how-to-protect-yourself-from-phishing/
The folks at Consumer Reports also have a clear guide with some useful links.