It’s Friday, time to let your hair down and think about winding down to the weekend. But don’t relax your awareness to social engineering attacks! Perpetrators of phishing and spear phishing will try to get to you via personal as well as business accounts so it’s important to remain prudent at all times.
It seems this week’s theme for scammers is ‘impersonating’ O2 – I use quotes because the example below is particularly poor.
This one is easy to spot as a spoof given the odd greeting message used and the unsuccessfully loaded header image as well as the sender address.
To help you stay safe here are some tips to help you identify inauthentic emails:
1. Scan the message for obvious grammatical or spelling errors
2. Look at the sender email address – bear in mind that it may display as an authentic or recognisable address.
3. Hover over the sender email address
Often when it expands it will show something which looks dodgy. In this example it’s: <firstname.lastname@example.org> – nothing to do with o2!
4. Click the reply button to see the address it is directing to – again this can often expose a dodgy sender address
5. Examine carefully sender addresses which look authentic.
The letters ‘rn’ looks very like the letter ‘m’ and so on
6. Hover over any hyperlinks
The pop up should display the website address that you would be directed to which is likely to highlight if it’s dodgy.
It pays to slow down – before clicking links do think about what the email is instructing you to do. NEVER enter any personal details or password information – most authentic senders such as banks or companies which hold payment information about you won’t request these of you by email.
Ultimately you are your own best defence against cyber attacks; unleash your human firewall!!