One of the most common methods of cybercrime is phishing, where users are sent spam emails containing harmful content that could compromise their private data. According to Mimecast’s State of Email Security 2020, phishing attacks seem to have increased in the past half-year by 58%. Here is how you can carefully detect a phishing email attack according to It Governance.
An email sent from a public email domain
A legitimate organization would not send a professional email using their Gmail or yahoo accounts, they would use their corporate email domains. If the domain name is similar to that of the sender of the email, the message is probably legitimate and not a scam. You can double check by searching the company’s name on a search engine. However, cybercriminals can be very clever when trying to deceive people and may cover their tracks well. Some of them may use an inbox display name, to get users to open the emails like the displayed name would read Google or Paypal, even though the sender is using the spoofed organization’s name in the local part of the email address. Thus, checking email addresses and from where they have been sent is important in detecting if it’s legitimate or not, especially since some use official company logos and professionally write down emails to make them appear genuine.
The mis-spelling of the domain name
Domain names are pretty easy to purchase for anyone but cannot be replicated and need to be unique. However, some cyber criminals will…