One of the easiest ways for a hacker to access your files is through Spam or Malware Scams. Emails can look rather authentic, but there are 7 ways to identify if the email is real or only trick-bait.
 |
#1 - WHO IS IT "FROM?"
- Is the sender’s email address correct for someone I ordinarily communicate with?
- Is this email from outside my organization and not related to my job responsibilities?
- Is the email from someone I work with but is unusual or out of character?
- Is the sender’s email address from a suspicious domain? Possibly a misspelling of a familiar website?
- Does the email have an embedded hyperlink or attachment from someone I hadn’t communicated with recently or at all?
- Do I know the sender?
|
|
#2 & 3 - IT'S "TO" & "WHEN"
- Was I cc’d on an email sent to one or more people who I don’t personally know?
- Was the email sent to an unusual mix of people, like a seemingly random group of people whose last names start with the same letter, or a whole list of unrelated addresses?
- Was the email sent at an unusual time like 3:00am?
|
 |
 |
#4 - CHECK THE "SUBJECT"
- Is the subject line irrelevant or does not match the content?
- Does the subject line make sense coming from the sender?
- Does the email subject seem to be a reply to a message I never sent or requested?
|
|
#5 - CHECK THE "CONTENT"
- Is the sender threatening me with a negative consequence?
- Is the email out of the ordinary or does it have bad grammar or spelling errors?
- Is the sender asking me to click a link or open up an attachment that seems odd?
- Do I have an uncomfortable gut feeling about it?
- Is there an attachment in an email from a company who never sends me attachments, like the IRS, banks, UPS, FedEx, airlines, etc.?
- Does the message ask for personal information or to wire transfer funds?
- Does the offer seem too good to be true?
|
 |
 |
#6 - HOVER OVER HYPERLINKS
- When I hover my mouse over a hyperlink that’s displayed in an email message, does the link to the address show a different website than the email sender? BIG RED FLAG. Always hover to check the hyperlink address!
- Did the hyperlink misspell a familiar web site name? For example: www.banofarnerica.com (“m” replaced by two characters “r” & “n”).
- Did I receive an email that only has long hyperlinks with no further information?
|
|
#7 - ATTACHMENTS AND DOWNLOADS
- Did the sender include an email attachment that I was not expecting or that makes no sense in relation to the email?
- Is there an attachment with a possibly dangerous file type? The only file type that is always safe to click is a .txt file.
- Does the email contain a .zip or .exe attachment? Legitimate emails never send .zip or .exe attachments. Never open them.
|
 |
If any of these 7 indicators are present in an email being sent to you or any of your employees, chances are, it is malware. There are measures you can take to be proactive with your employees.
Fill out the form below and we would be happy to send you a printable version of these 7 indicators to be placed on every workstation in your office.
Bring awareness to your staff and minimize the vulnerabilities. If you have further questions, or if you are interested in deeper malware and email education for your staff members, connect with us to Discuss Security Solutions with StratX!
