How to Spot Phishing


Phishing is not a new phenomenon – it has been the most common attack vector for cybercriminals for a number of years – but, due to the increasing complexity of phishing scams, knowing how to spot phishing emails is becoming more important than ever before. 

In spite of advances in anti-virus protocols and detection technology, phishing attacks continue to increase in number and impact. Everyone is a target in today’s cyberwar climate but, by educating your workforce about how to spot phishing and deal with phishing attacks appropriately, today’s targets can become the primary defense sentinels of the future.

Step 1 of How to Spot Phishing is Knowing What a Phish Is 

The first step in spotting a phishing email comes with understanding what a phishing email is. The most accurate definition of a phishing email is an email sent to a recipient with the objective of making the recipient perform a specific task. The attacker may use social engineering techniques to make their email look genuine, and include a request to click on a link, open an attachment, or provide other sensitive information such as login credentials. 

Socially engineered phishing emails are the most dangerous. They are constructed to be relevant and appear genuine to their targets. The recipient is more trusting of the email and performs the specific task requested in the email. The results can be devastating. If the recipient clicks on a link to a malware-infected website, opens an attachment with a malicious payload or divulges their login credentials, an attacker can access a corporate network undetected. 

Why Socially Engineered Phishing Emails are so Effective  

It’s actually quite scary how much you can find out about an individual on the Internet without having to hack databases or trick somebody into divulging confidential information. Hackers can quickly accumulate personal information from social media sites, professional profiles and other online publications in order to identify the triggers that people respond to.

It would not be too difficult to find details of an employee’s children, the school they attend, and an event happening at the school, in order to send the parent an email inviting them to click on a link or open an attachment about their child’s participation in the event. With the advent of Machine Learning and Artificial Intelligence, phishers will be able to collate this information much more quickly in the future.

Tips for How to Spot a Phishing Email 

Socially engineered phishing emails often evade detection by email filters due to their sophistication. They pass the Sender Policy Framework (SPF) and SMTP checks at the filter’s front end, and they are rarely sent in bulk from blacklisted IP addresses, so they avoid being blocked by Realtime Blackhole Lists. Because they are often individually crafted, they can even evade advanced email filters with greylisting capabilities.

However, phishing emails often have common characteristics. They are frequently constructed to trigger emotions such as curiosity, sympathy, fear and greed; and if a workforce is advised of these characteristics – and told what action to take when a threat is suspected – the time invested in training a workforce in how to spot a phishing email can thwart attacks and network infiltration by the attacker. 

Emails Demanding Urgent Action 

Emails threatening a negative consequence, or a loss of opportunity unless urgent action is taken, are often phishing emails. Attackers often use this approach to rush recipients into an action before they have had the opportunity to study the email for potential flaws or inconsistencies. 

Emails with Bad Grammar and Spelling Mistakes 

Bad grammar and spelling mistakes are another way to spot phishing. Many companies apply spell-checking tools to outgoing emails by default to ensure their emails are grammatically correct, and those who use browser-based email clients apply the autocorrect or highlight features of web browsers. Errors in an email that claims to come from such a sender should therefore arouse suspicion.

Emails with an Unfamiliar Greeting or Salutation 

Emails exchanged between work colleagues usually have an informal salutation. Those that start “Dear,” or contain phrases not normally used in informal conversation, are from sources unfamiliar with the style of office interaction used in your business and should arouse suspicion. 

Inconsistencies in Email Addresses, Links & Domain Names 

Another way to spot phishing is to look for inconsistencies in email addresses, links and domain names. Does the email originate from an organization you correspond with often? If so, check the sender’s address against previous emails from the same organization. Check whether a link is legitimate by hovering the mouse pointer over it to see what destination pops up. If an email allegedly originates from (say) Google, but the domain name reads something else, report the email as a phishing attack.

Suspicious Attachments 

Most work-related file sharing now takes place via collaboration tools such as SharePoint, OneDrive or Dropbox. Therefore internal emails with attachments should always be treated suspiciously – especially if they have an unfamiliar extension or one commonly associated with malware (.zip, .exe, .scr, etc.). 
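
The link and attachment checks from the two sections above can also be automated for messages that employees report. The following is an added example, not Cofense code: the function names, the subdomain heuristic and the sample message are assumptions made for illustration.

```python
import email
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlparse

RISKY_EXTENSIONS = (".zip", ".exe", ".scr")  # the extensions the article names

class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element in an HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_of(value):
    """Hostname of a URL or bare domain; '' when value is ordinary link text."""
    if len(value.split()) != 1 or "." not in value:
        return ""
    return (urlparse(value if "://" in value else "//" + value).hostname or "").lower()

def same_site(a, b):  # heuristic: same host, or one is a subdomain of the other
    return a == b or a.endswith("." + b) or b.endswith("." + a)

def find_indicators(raw_message):
    """Return (kind, detail) tuples for mismatched links and risky attachments."""
    findings = []
    for part in email.message_from_string(raw_message, policy=policy.default).walk():
        name = (part.get_filename() or "").lower()
        if name.endswith(RISKY_EXTENSIONS):
            findings.append(("attachment", name))
        if part.get_content_type() == "text/html" and not name:
            parser = LinkCollector()
            parser.feed(part.get_content())
            for href, text in parser.links:
                # Flag only links whose visible text itself looks like a domain.
                shown, actual = host_of(text), host_of(href)
                if shown and actual and not same_site(shown, actual):
                    findings.append(("link", f"text shows {shown}, href opens {actual}"))
    return findings

# Constructed sample message (reserved .example domains), not a real capture.
SAMPLE = """\
From: "Google Security" <alerts@accounts-verify.example>
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/html; charset="utf-8"

<a href="http://login.accounts-verify.example/">https://accounts.google.com</a>
--b1
Content-Disposition: attachment; filename="invoice.scr"

AAAA
--b1--
"""
```

Calling find_indicators(SAMPLE) reports the link whose visible text names one domain while its target is another, followed by the .scr attachment. The subdomain comparison is deliberately simple; a production check would compare registrable domains using a public suffix list.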

Emails Requesting Login Credentials, Payment Information or Sensitive Data 

Emails originating from an unexpected or unfamiliar sender that request login credentials, payment information or other sensitive data should always be treated with caution. Spear phishers can forge login pages to look similar to the real thing and send an email containing a link that directs the recipient to the fake page. Whenever a recipient is redirected to a login page, or told a payment is due, they should refrain from inputting information unless they are 100% certain the email is legitimate. 

Too Good to Be True Emails 

Too good to be true emails are those which incentivize the recipient to click on a link or open an attachment by claiming there will be a reward of some nature. If the sender of the email is unfamiliar or the recipient did not initiate the contact, the likelihood is this is a phishing email. 

“If You See Something, Say Something” 

Conditioning employees in how to spot and report suspicious emails – even when opened – should be a workforce-wide exercise. The chances are that if one of your workforce is the subject of a phishing attack, other employees will be as well. “If you see something, say something” should be a permanent rule in the workplace, and it is essential that employees have a supportive process for reporting emails they have identified or opened.

The reporting of potential phishing attacks and opened suspicious emails enables security personnel to secure the network in good time – mitigating the risk that a threat will spread to other areas of the network and minimizing disruption. It is also a good practice to identify which employees spot actual phishing emails in order to prioritize action when multiple reports of a phishing attack are received. 

This is the basis of how Cofense’s Human Phishing Defenses work. Our solutions provide simulation exercises based on real examples of socially engineered phishing attacks in order to better teach employees how to spot phishing emails and report them – whether they have been opened and actioned or not. In the event a phishing email has avoided detection, our solutions also provide end-to-end phishing mitigation to accelerate response and resolution. Contact us today to find out more.

Copyright © 2018 Cofense. All rights reserved.