There are a few simple things you can check to see if an email is from a legitimate sender or not:
1. Have a look at the sender address - The most common fraudulent emails look genuine, but when you examine them more closely you'll find that although the display name for the address might look legitimate, the actual address it was sent from is not quite right or is from an unexpected location (.br = Brazil).
Further to this, be on the lookout for lookalike domains (missing or substituted characters, using 'rn' instead of an 'm' are all quite common); for example firstname.lastname@example.org is legitimate, while email@example.com is not.
2. Is the email asking for money? - Often fraudsters are simply after your money, and they'd like it as fast as possible. These emails often appear to come from someone high up in the company (a CEO or director whose information is publicly available on LinkedIn, for example) and are addressed to someone in finance (whose details are also often taken from LinkedIn et al.), asking for a money transfer to be completed ASAP. If you ever receive an email asking for money, it's always wise to verify this with the sender using an alternative means of communication that is initiated by you (a phone call, for example).
3. Is the email offering you money? - Often when an offer looks too good to be true, it is. If you receive an email offering you money in return for filling in an innocent-looking form, or otherwise giving them your personal information, it's likely this is a phishing email.
4. Does the email contain unsolicited attachments or links to websites? - If an email is unexpected, you should think twice before opening attachments or clicking links, as it's often very difficult to tell from appearances alone whether they will harm your system by downloading/installing malware. You can check if a link goes where it claims to by hovering your cursor over it (for example, if you check the bottom left corner of the screen, www.spidergroup.co.uk does not actually go to its advertised location) - make sure that you only click a link you KNOW is legitimate.
5. Is the email asking for personal information or login details? - If you get an email from your bank asking you to verify your identity by providing personal information (such as name, DOB, account number, online banking login details, the name of your cat, etc.), this is very likely to be a phishing email. Most providers will never request such personal/private information, especially if they have not been in touch with you prior to the email.
6. Check for recent website articles matching the email - Phishing emails are often sent out in batches of tens of thousands, if not more, and are often reused. This means that someone else has likely seen the email before and written about it online. These recent articles show how much information is out there if you think to have a quick search. Using the previous articles as an example, searching "Wannacry spam email" gives many, many similar articles.
To many of you, this may all be common sense, and if that is the case, great! For the rest of you, I hope this has served to increase your awareness and help you detect fraudulent emails.
The best advice I can give you is, above all, to trust your instincts. If something seems suspicious, it often is.
If you are ever unsure, you can always give our SpiderTech team a quick call on 01179 330 570 or email firstname.lastname@example.org.