Detect a Phishing Email
How To Detect a Phishing Email
- Deceptive Links Hover over the link and does it directs you to a different website?
The biggest red flag that a message is likely malicious is a deceptive link. That is, a discrepancy between the shown link and the real destination URL… Did the email come from a legitimate source but the links to click on aren’t from within the company or institution?
As you may or may not know, it is very easy to make a link display one thing but take you to a totally different place. For example, here is a link that says Yahoo, but it will really take you to Google. Web browsers and email clients give you a way to see the real destination of a link, however, and you can use that feature to test a link to see if it is deceptive.
If you hover your mouse pointer over the above link, you will see the URL for Google. The same process works in email clients such as Outlook, where hovering over a link will display the URL you are being directed to.
For more on suspicious links and websites check out our How To… page
- Requests for Passwords Is the person on the other end requesting your passwords financial information
BU will NEVER ask you for your password nor would any other legitimate business or institution. It is important that you safeguard your passwords and never give them to anyone, especially via email nor would a legitimate email ask.
More good ways to tell if an email is suspicious and possibly malicious:
- Known Scams Is it someone from another country asking for money?
- IP Addresses in the URL http://220.127.116.11.@3476544375/o%62s%63ur%65%
- Obvious Grammatical or Spelling Errors “Thanks you for you’re investment”
- Strange structures
There are a host of well-known and commonly imitated scams out there. Check out Common Online Scams for a good description of the most popular.
Obvious Grammatical or Spelling Errors
This is another important indicator. Email messages that claim to be from a business and yet contain errors in grammar, use of words, spelling or punctuation should send you a red flag. Most businesses have several layers of review before a message is approved for release to the public. Obvious errors will typically be caught and removed during this process.
If the email just looks strange, has unusual formatting or parts that just don’t make sense, be suspicious.
IP Addresses in the URL
If you ever see an IP address in the shown or the real URL, be suspicious. For example:
Remember that the target of a URL is between the // and the first /
This means that the red part is the target of the URL.
This is an IP address, not something readable (like “amazon.com” for example). You have to ask yourself what the senders of this message are trying to hide…