What is a Common Indicator of a Phishing Attempt?
Everyone gets phishing emails. But not everyone falls for them.
If you do fall for them, a successful phishing attack can provide malicious actors with vital information, financial rewards and a foothold in corporate networks.
Like a ripple effect, these cybercriminals can gain access to a wealth of data that can be leveraged to design and launch even more cyberattacks aimed at higher-value contacts, assets and networks.
Today’s phishers are technologically adept. They have the tools and expertise to launch diverse and sophisticated phishing attacks that are largely successful because they seem authentic. Examples of cleverly disguised phishing scams range from spear phishing to business email compromise to deepfake voice impersonations.
Phishing can be difficult to spot because the nature of the tactic is to deceive.
So, how can you recognize a common indicator of a phishing attempt and avoid falling victim to one?
Regardless of the technique or medium used in the phishing scam, most phishing attempts have the same common indicators that your employees should be able to spot.
Eight Common Indicators of a Phishing Attempt
Many employees tend to overestimate their ability to distinguish phishing emails from genuine ones. To make matters worse, many phishing scams are purposely designed to “social engineer” emotions that trigger people to act, such as fear, sympathy and altruism.

The best defense against phishing is an informed workforce. Here are eight common indicators of a phishing attempt, along with examples of how these tactics have worked.
1. Incorrect Email Address
One of the most common indicators of a phishing attempt is an incorrect or similar-looking email address or email domain. It’s incredibly easy for a cybercriminal to create a fake email domain that resembles a real organization.
The fake domains are often created by substituting letters so that the domain resembles a real organization’s name. By substituting the letters “r” and “n” for the letter “m,” a fake domain can easily resemble the real domain name (e.g., customersupport@walrnart.com).
Another way cybercriminals create fake domains is by including a portion of a real organization’s name in the fake domain name. For example, the email could be sent from support@microsoftsupport.com.
A recipient might see the word “Microsoft” in the address and assume this is an email from the real organization. So always check the email address of a message before you reply, click a link or download an attachment.
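The two tricks described in this section can also be checked mechanically at a mail gateway or in a triage script. The following is an added example, not code from the original article; the `TRUSTED` allow-list, the `CONFUSABLES` map and the function names are assumptions made for illustration.

```python
from email.utils import parseaddr

# Assumed allow-list for this illustration: domains your organization really deals with.
TRUSTED = {"walmart.com", "microsoft.com"}

# Character sequences that read as another letter at a glance (assumed, not exhaustive).
CONFUSABLES = [("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l")]


def skeleton(domain):
    """Collapse look-alike sequences so 'walrnart.com' and 'walmart.com' compare equal."""
    d = domain.lower()
    for fake, real in CONFUSABLES:
        d = d.replace(fake, real)
    return d


def classify_sender(from_header):
    """Return (verdict, imitated_domain) for a From: header value."""
    _, addr = parseaddr(from_header)
    if "@" not in addr:
        return ("unparseable", None)
    domain = addr.rpartition("@")[2].lower().rstrip(".")
    for t in sorted(TRUSTED):
        if domain == t or domain.endswith("." + t):
            return ("trusted", t)
    for t in sorted(TRUSTED):
        if skeleton(domain) == skeleton(t):
            return ("lookalike", t)        # letter substitution, e.g. "rn" for "m"
    for t in sorted(TRUSTED):
        if skeleton(t.split(".")[0]) in skeleton(domain):
            return ("brand-in-domain", t)  # real name embedded in a different domain
    return ("unknown", None)


if __name__ == "__main__":
    # Constructed sample headers; the two fake addresses are the article's own examples.
    for h in [
        "Customer Support <customersupport@walrnart.com>",
        "support@microsoftsupport.com",
        "Billing <billing@mail.microsoft.com>",
        "newsletter@example.org",
    ]:
        print(h, "->", classify_sender(h))
```

An "unknown" verdict only means the domain imitates nothing on the allow-list; it is not a statement that the sender is safe.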
2. Suspicious Subject Lines
Beware of subject lines that generically reference the use of online services and social media.

Cybercriminals capitalize on individuals’ and corporate users’ heavy reliance on virtual communication channels. While some of the more successful subject lines appeal to a sense of urgency or fear, others indicate that you simply need to take some kind of action.
Such subject lines are common indicators of a phishing attempt. In the U.S., phishing emails sent with the following subject lines received the most clicks:
- Email Account Updates
- Remote Working Satisfaction Survey
- Acknowledge Your Appraisal
- Important: Dress Code Changes
- Password Check Required Immediately
- Vacation Policy Update
3. Multiple Grammatical and Spelling Errors
Everyone makes grammatical or spelling errors from time to time, but phishing emails sent in bulk can be riddled with them. If an email contains spelling and grammatical inconsistencies in addition to other red flags listed here, it’s most likely an indicator of a phishing attempt.
One caveat: today’s phishers are less prone to such mistakes, so it’s wise to consider the clumsy use of language, grammatical errors and poor spelling along with other common indicators of a phishing attempt.
In other words, poor grammar may be a sign, but the absence of it doesn’t mean you’re in the clear.
4. Unusual Payment Requests
Any unusual payment request is a common indicator of a phishing attempt.
Most employees will balk at an email containing a compelling story that ends with the sender requesting payment for bogus reasons. But what happens when the payment request is for services or items your business typically purchases, accompanied by an official-looking invoice?

Educate your employees that a phishing email may even appear to come from a frequently used vendor, well-known businesses or even government institutions. According to Check Point, Microsoft is the most impersonated brand globally when it comes to brand phishing attempts.
In general, a good rule of thumb is to be highly suspicious of emails from any source that directly asks you to share personal information, such as bank account information, social security numbers, login credentials, mother’s maiden name, etc. Always contact the organization directly to confirm the legitimacy of any request.
5. Generic Greetings
Less sophisticated phishing emails often begin with a generic greeting, such as Hi, Hello, Dear Customer, Hi User, etc.

Such emails are mass distributed and typically come with broad-sounding greetings because the phisher is unwilling to go through the hassle of the research required to send individually targeted emails.
Most legitimate companies personalize their emails. Bottom line: consider generic greetings in today’s cyberspace a red flag and a likely indicator of a phishing attempt.
6. Manipulative Language
Malicious actors use emotionally charged verbiage to persuade targets to do what they want. For instance, phishers may imitate government and law enforcement agencies to induce fear and get victims to act before thinking. This fear prevents victims from taking a close look at the phishing email to confirm its authenticity.
A common indicator of a phishing attempt could be phrases like:
- I’m in a meeting and need you to send a gift card to a client now.
- Your account was hacked, and you need to provide your information immediately.
- Claim this exclusive offer before it expires in an hour.
In the right context and setting, these compelling calls to action are hard to ignore.
Organizations can provide anti-phishing education to help employees identify and thwart phishing emails with such a strong emotional pull.
7. Unusual Attachments
Attachments are used for distributing malware and hiding content from email security solutions. Emails that lack information in the message body and just include an attachment, or that claim to include information in an attachment that could easily have been included in the message body, are common indicators of a phishing attempt.
The rule of thumb is to never open an unsolicited attachment in an email.
8. Unexpected Communication
Most organizations don’t request personal information or sensitive credentials via email. This is due to the insecure nature of this communication channel. So, any emails from a supervisor, manager or colleague urgently requesting sensitive information could be an indicator of a phishing attempt.

Of course, suddenly receiving an urgent email from an unknown coworker whom you’ve never interacted with should raise some eyebrows. But even an email from a boss or colleague whom you regularly interact with that uses unexpected language should be viewed with suspicion.
Humans recognize and relate to one another through consistent linguistic patterns. If you receive an email from a colleague that sounds strange, take notice.
Always pay close attention to domains and subdomains and check for similar-looking characters or misspellings in URLs. Before clicking on an embedded link, hover the mouse cursor over the link to check for hidden URLs.
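The hover check can be automated for HTML mail by comparing the address a link displays with the address it actually points to. This is an added example, not part of the original article; the sample message, `host_of` and `audit_links` are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit


def host_of(text):
    """Return the hostname if text looks like a URL or bare domain, else ''."""
    s = text.strip()
    if "://" not in s:
        s = "//" + s  # let urlsplit treat a bare domain as a network location
    try:
        host = urlsplit(s).hostname or ""
    except ValueError:
        return ""
    return host if re.fullmatch(r"[a-z0-9-]+(\.[a-z0-9-]+)+", host) else ""


class LinkAuditor(HTMLParser):
    """Collect links whose visible text names one host while href points to another."""

    def __init__(self):
        super().__init__()
        self.href, self.text, self.findings = None, [], []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.href, self.text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self.href is not None:
            self.text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self.href is not None:
            shown = "".join(self.text).strip()
            claimed, real = host_of(shown), host_of(self.href)
            if claimed and real and claimed != real:
                self.findings.append((shown, self.href))
            self.href = None


def audit_links(html_body):
    auditor = LinkAuditor()
    auditor.feed(html_body)
    return auditor.findings


# Constructed sample body: only the first link shows one host and targets another.
SAMPLE_HTML = (
    '<a href="http://login.example.net/reset">https://www.microsoft.com/account</a>'
    '<a href="https://www.microsoft.com/help">www.microsoft.com</a>'
    '<a href="http://login.example.net/x">Click here</a>'
)
```

Links whose visible text is not an address, such as "Click here", cannot be judged by this comparison and still need the destination host checked on its own.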
Learn More About Common Indicators of a Phishing Attempt
Phishing attacks rely on social engineering techniques to create emotional responses that trigger targets to impulsively react and succumb to requests. This human factor is a powerful reason why some phishing scams work.
It’s also a reason why anti-phishing education is your company’s best bet to avoid becoming a cyberattack statistic.
The first step? Ensuring employees understand how to answer this question: What is a common indicator of a phishing attempt?
To increase your chances of avoiding a catastrophic phishing scam, ongoing security awareness training can bolster your company’s cybersecurity plan. At Warren Averett Technology Group, we help companies design and structure security awareness training that is comprehensive and focused on simulating real-world scenarios. We can also help you understand more about how to secure your IT environment by scheduling a cybersecurity consultation with us today.
