Phishing attacks are on the rise, increasing by more than 162 percent from 2010 to 2014, according to some estimates. If you think that is nothing, consider that it costs the world USD 4.5 billion to face these attacks and over 50% of internet users get one phishing email per day.
Offense As a Defense
According to Big Scammers, the best defense is to report scam emails and block malicious emails before they reach the client with DMARC or Domain based Message Authentication Reporting and Conformance standards. Brands must function in tandem with the vendor to offer email threat intelligence information. Attacks that seek to replicate their brands using company control free domains are the main target here. By ensuring that companies report scam emails, they can protect their business interests and their customers.
But despite the precautions a business takes, some phishing emails will always reach your inbox and affect business security. Most of these email messages are extremely effective because they are difficult to detect as phishing emails, by a majority of the people. It is the responsibility of the business to educate the consumers regarding procedures on how to report scam emails.
If you are wondering what a phishing or spoofing email is all about, here are the essential features that should tip you off when to report emails.
Tip#1: When Display Names Are More Than Meets the Eye
A much preferred phishing tactic used by cybercriminals is to replicate the display name of an organizational email. World's largest brands are generally targeted and nearly half of all email scams spoof their display title. DMARC does not block these emails because they appear legit and most users get taken in and do not report the scam emails.
Tip#2 Trick is not to Click
Move your mouse over links embedded in the email's body. If the link address looks unusual, don't click on this. If the link has to be evaluated, open a fresh window and type in the web address rather than clicking on links from emails that are not solicited.
Tip#3 Criminals Make Spelling Mistakes
Brands and companies alike are pretty serious about their email. Legit messages lack major spelling mistakes or grammatical errors. Read and check the emails with care, and report emails that are suspicious.
Tip #4 How Does the Email Begin?
Check the salutation used. If the email is addressed in a vague way, legit businesses are definitely not sending it. The legit business will use the name instead of a generic title. The criminal does not know your name and mass mails people using generic titles.
Tip #5 Never Share Personal Information
Legit banks and companies never ask for personal credentials through electronic email. If someone is pressing you to reveal your details online, it is definitely time to report these emails and ensure justice is done.
Tip#6 Beware of Threatening Language
Creating a sense of false urgency by using threatening language is a common ploy used by phishers. Subject lines which threaten account suspension or indicate unauthorized login attempts are generally a potential red flag.
Tip#7 Check the Signature
Lack of details about the signer or just a first name suggests a phishing attempt is in progress and you should report scam emails. Legit businesses or companies always provide the complete contact details and do not try to hide behind lack of details.
If something does not look right, it probably is not. It is imperative that you check the online community to see if others have reported similar scam emails. It is always critical to report scam emails in time because justice delayed can become justice denied quite easily. The scammer can make a quick getaway if he/she suspects something, so always check the online forums and alert people by reporting the scam.
