Best Ways to Identify a Phishing Scam
One of the most persistent cyber risks that organizations and consumers face is phishing. These frauds are almost as ancient as email itself, but they've managed to survive despite significant cybersecurity advances.
Fortunately, as cybersecurity knowledge has grown, more individuals are now aware of how to recognize a simple phishing scam. Standard procedures include checking for spelling problems, not trusting unknown email addresses, and being suspicious of too urgent messages.
Despite this, phishing is by far the most common assault, and it's also the most effective. In reality, phishing scams are at the root of many large-scale ransomware assaults. Let's look at how phishing schemes continue to defraud individuals and how to spot increasingly sophisticated scams.
Phishing Attacks Have Become More Difficult
The fact that phishing assaults are growing increasingly complex contributes to their continued success. The blatant "Nigerian prince" scams of the past do not reflect the current threat situation.
In the second quarter of 2020, 77.6% of phishing websites utilized SSL encryption, which many consumers consider to be a sign of trustworthiness. Similarly, genuine websites are hacked in 91 percent of these assaults to steal their domain verified (DV) certificates. As a result of these certifications, the assaults have the appearance of being certified and permitted.
Phishing using clones has also become increasingly common. In these types of attacks, scammers replicate a legal email and send an exact replica with a dangerous link. There will be no immediate indication that phishers have hacked into the authentic sender's account.
Advanced Phishing Scams to Avoid
Phishers have been more cautious about making their mails appear legitimate. Without further scrutiny, it's nearly hard to identify if what you're reading is a phishing email in many circumstances. That's a concern, given that 22% of questioned employees don't feel responsible to keep their employers' information secure.
While these sophisticated schemes are alarming, they aren't without flaws. There are four methods to detecting even the most sophisticated phishing assault.
1. Examine the email headers.
If there are no obvious clues, you can study an email's header for extra information. To see this in Gmail, select "Show Original" from the arrow next to "Reply." The option will also appear on the arrow next to "Reply" in Outlook in the browser, but it will state "View message source."
These settings display the entire email's raw code, however, the header is only the first text block. To make the header more readable, paste it into an email header analyzer application like MxToolbox and select "analyze." The findings will include a spam score, the source of the email, and the path it took.
An email with a low spam score may be nonetheless phishing. Check the "Received" box to discover how the message was delivered. It's most likely fraud if it went through a lot of sites or if some of them have strange domains.
The "Authentication-Results" box will display which of the message's verification procedures were successful. Look through all of the results for the term "pass." Don't trust the email if even one of them says 'failed.'
2. Examine domain names and links
Another crucial step is to look for any links in the message. Any domain name in the email or "From" field that differs from the name of a real firm is suspect, but these checks can go even farther.
To learn more about domain names and websites, copy and paste them into search engines or an analyzer like DomainTools. DomainTools can tell you when a domain was registered, and brand-new domains are almost always fake. If you search for the domain name, you may see if it has been reported as a fraud by other users.
To disguise websites, many hackers employ URL shorteners, therefore scrutinize these links before clicking on them. To expose the entire URL, copy and paste them into a URL checker like getlinkinfo.com or unshorten.it. It's most likely fraud if the complete address is long, has a lot of odd characters, or contains words that have nothing to do with the legitimate source.
3. Take a look at the source code
If you're still not sure about an email, you can examine its source code in greater detail. Follow the same methods for studying the header, but instead of only looking at the first block, look at the entire source code.
Look for the phrase "http" using the search feature in your text editor of choice. This will allow you to look through all of the links in the email, including those that are hidden. If you come across a domain that you don't recognize or that seems strange, Google it or use DomainTools to investigate it further.
External links might be buried in even legal emails. They may, for example, use a third-party email marketing service, which will appear in this audit.
However, a cursory examination of these linkages reveals their validity.
4. Even the most reliable sources should be questioned.
Finally, no message should be taken at face value, even if it comes from a reliable source. Many phishing scams today begin by getting into a legitimate account, such as the recent Facebook Messenger scam "Is it you in the video?"
Given the growth in phishing attempts, just because a communication appears to come from a legitimate, trusted source doesn't imply it isn't phishing. If communication feels strange or unusual, contact the sender via another method to confirm it was them, and then follow the steps above for the message.
Although phishing techniques have improved, safety is still a possibility.
While the fundamental notions of phishing have stayed unaltered for decades, today's attacks are significantly more sophisticated than they were in the past. Even in the face of advanced phishing methods, following these four actions can help everyone from CEOs to customers stay safe. As cybercrime becomes more prevalent, this kind of surveillance may become mandatory.
?
?