You’re sifting through your inbox, deleting the usual spam messages and newsletters when you see it: a new email from one of your employees. You open it without thinking twice and start to read the message. Immediately, something feels off. The language is strange, there’s an attachment you’re not expecting, and the email is requiring you to take urgent action. You begin to worry that the message might not actually be from your employee at all, but from a hacker trying to gain access to your company’s network.
If you’re ever in doubt about an email, there are key signs that can help you spot potentially dangerous messages and attachments. Let’s take a look at seven of them.
1. Unknown senders
If you don’t recognize the sender of an email, be cautious. Be extra vigilant if the message was sent using a free email service like Gmail or Yahoo, rather than a company domain. However, hackers can also spoof email addresses to make them look like they’re coming from a trusted source. So even if you recognize the sender, it won’t hurt to look for other signs that the message might be malicious.
2. Generic salutations
Another red flag is generic salutations like “Dear sir/madam” or “To whom it may concern.” These are often used by scammers who cast a wide net in the hopes of tricking as many people as possible. A more personal greeting is usually a good sign that an email is legitimate. However, you should also be wary of spear phishing attacks, where hackers actually research their targets so they can send tailored messages that seem like they couldn’t possibly be fraudulent.
3. Language, spelling, and grammatical errors
Poorly written messages are often a sign that an email isn’t legitimate. Many hackers use automated tools to compose and send their messages, which can lead to errors. Hackers may also be non-native English speakers who use translation software which may produce strange or nonsensical results. If an email from a trusted sender suddenly contains strange turns of phrase, misspellings, or bad grammar, it’s a red flag.
4. Random or bizarre content
An email might be malicious if it has random or bizarre content. This could be anything from a rambling message that doesn’t make sense to outright unbelievable claims or offers like “You’ve just won $100,000!” If an email sounds too good to be true or makes you scratch your head, always do your due diligence and look into it further before taking any action.
Related reading: 3 Reasons why you should consider email/spam protection service
5. Incorrect or suspicious links
Many phishing and malware attacks rely on email recipients clicking on malicious links which redirect to fake websites that steal login credentials or download malware onto the victim’s computer. To avoid being tricked, always hover over a link to see the URL to which it would redirect. If the website address looks suspicious or doesn’t match up with the link text, don’t click it. Instead, immediately report the email as spam or delete it.
6. Unsolicited attachments
Another common tactic hackers use is sending emails with attachments that contain malware. These attachments might be disguised as PDFs, Word documents, or even images, so it’s important to be vigilant about any attachments you receive, even if they appear to be coming from a trusted sender. If you’re not expecting to receive an attachment, or if the email doesn’t make sense with one, you could contact the sender directly to confirm that they actually sent the email. You can also simply ignore the message.
7. Uncommon file types
Many email servers will automatically block certain types of attachments, like executable files (.exe), because these are often used to spread malware. However, hackers can sometimes get around this by changing the extension of the file or compressing it into a .zip or .jar file. So if you receive an attachment with an unusual file extension like .bat, .cmd, .msi, .scr, or .vb, do not download and open it as it could be malware in disguise.
Ultimately, the best way to protect yourself and your business from email-based attacks is to exercise caution and use your best judgment. Avoid clicking on links or automatically downloading attachments. If an email seems even slightly suspicious, then mark it as spam, delete it, or reach out to the sender directly to confirm that it’s legitimate. By following these simple tips, you can stay safe and avoid becoming the victim of a devastating cyberattack.
Kortek Solutions can provide your business with affordable, enterprise-level email security to help protect you against email-based attacks. Contact us today to learn more.