Home > Cyber News > Giveaways of a Malicious Email

Giveaways of a Malicious Email

Warning! This Email Is Malicious!

Nowadays emails get proper spam filtering. Not long ago it was a lot easier for spam email to end up in your inbox. Luckily this is history now, especially if you use Gmail.

Keep in mind that there is no such thing as a entirely secure system. Occasionally a spam message will make it into your inbox. But how are you supposed to recognize a scam email?

Bellow you will find a short list of the most common giveaways of a spam email.

Dear Client

What scammers hope for in the most cases, is that you – the target – have no idea that there is a piece of technology in Microsoft Word and other applications, called mail merge. This is a feature that creates a template, which main purpose is to use a customer list automatically to fill in various personal information and the last four digits of a bank account number or credit card.

What does it mean? When you receive an email from your bank, you expect it to say “Dear John” and not “Dear Client” or something similar. In case the email you open is addressed to the “dear customer” and requires that you follow a link to provide your bank account details, there is a big chance you are dealing with a phishing scam.

This doesn’t mean you should trust every email that addresses you personally, but you can be certain that if you receive an email from a company you have business relations with or a bank where you have an account, you will be addressed by name.

The Link

If you are not certain about an email, just move the cursor over the links that are in the body of the email. Do not click on them. Take a look at the lower left corner of your email client or browser. There must be the address of the link. If you read it carefully, you will figure out quite easily that this is a scam. What scammers usually do is use the name of a big firm in the address, so you’d think it’s a message from a legitimate company. The user typically reads only the first few symbols in the address, but if you pay close attention to the rest of it, you will surely see that the link actually leads to another webpage, you have never heard of. The problem is that when the URL is so long, you never know what’s authentic and what isn’t. There is a simple rule you can follow – read the URL till you reach a backslash and then back up at the first period before it. Everything before the period is the address of the page you are being redirected to, usually an unknown subdomain.

The Attachment

If the scam with the link doesn’t work, the scammers always have another trick right up their sleeve – an email attachment with malicious content. The attachment is usually presented as a requirement for a payment or a similar issue. The scammers usually count on the first reaction of the user – usually being concerned or even scared – to open the malicious file. People often download the attached file just to make sure that there is no mistake. This is the point where you should stop and think. There is another rule – do not open any attachment you do not expect. It doesn’t matter who is sending it.

Although using email is much more secure than it used to be, it requires a certain amount of cautiousness, because it is still a quite popular attack method among cyber criminals.

Berta Bilbao

Berta is a dedicated malware researcher, dreaming for a more secure cyber space. Her fascination with IT security began a few years ago when a malware locked her out of her own computer.

More Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

Share on Facebook Share
Share on Twitter Tweet
Share on Google Plus Share
Share on Linkedin Share
Share on Digg Share
Share on Reddit Share
Share on Stumbleupon Share