In a world with hackers and scammers trying to steal your information, you can never be too careful when it comes to online safety – especially when it comes to emails. This Slideshare contains tips to help you spot malicious emails before you fall prey to their schemes.
2. In today’s world of scammers and hackers,
it’s hard to keep up with all the various
ploys on the Internet aimed at stealing
personal or corporate information for
malicious reasons.
3. In today’s world of scammers and hackers,
it’s hard to keep up with all the various
ploys on the Internet aimed at stealing
personal or corporate information for
malicious reasons.
However, there are some ways to tell
if the e-mail you receive is a legitimate
communication or if it’s a scam.
5. Do not accept that an e-mail is
the real deal just because you’re
busy, stressed, or have 150 other
unread messages in your inbox.
Stop for a minute and think about
the e-mail.
THINK CRITICALLY
1
6. Ask yourself:
• Does the e-mail come from someone I know?
• Was I expecting this e-mail?
• Are the requests being asked of me reasonable
or plausible?
• Does this e-mail employ emotional content
such as fear, greed, or curiosity, or, most
important, does it try to get me to take an action
(usually urgently)?
THINK CRITICALLY
1
8. Simply move your mouse over
any link, but DO NOT CLICK IT!
Just let your mouse cursor hover
over the link and see what name
comes up.
Does it match the official
company website, or would it
take you elsewhere?
LEARN TO HOVER
2
10. DECIPHER THE URL
3
you can assume it’s not legitimate.
If the e-mail includes a website address, look at
that URL to see if there’s anything unusual.
Amazon.com
For example, if an
e-mail claims to be from
but the URL ends in .ru
(a Russian domain
and not a real
Amazon address),
11. PRO TIPS
The next two tips are
aimed at businesses that
are quite large and have
dedicated information
security staff.
13. E-mail headers tell you how an e-mail
got to your address.
If it’s a legit e-mail, the domain from the
header should match the domain given
in the e-mail. Likewise, the return path
and authentication results should
match the details given in the e-mail.
ANALYZE E-MAIL HEADERS
4
15. Sandboxing is a term used in the
tech field to describe creating an
environment where one can run
untested or untrusted code.
Many large companies use virtual machines to create
sandboxes, so e-mail or other applications can be
tested to determine whether they’re safe. Some
companies sandbox all incoming e-mail and only let
through those that are deemed safe and friendly.
SANDbOx E-MAILS
5
16. For more ways to defend
against phishing, check out
PHISHING
DARK WATERS
The Offensive and Defensive Sides
of Malicious E-mails
by Christopher Hadnagy and Michele Fincher