Skip links

Phishing Phriday #14 Spot the Scam: How to Identify Phishing Emails

Read more about Phishing emails using the SLAM method

Phishing emails are a prevalent threat in today’s digital world, requiring vigilance to avoid falling victim to scams. To help identify and mitigate these threats, understanding the common signs of phishing can be instrumental.

Phishing emails often masquerade as messages from legitimate sources, attempting to trick users into revealing personal information or executing malicious actions. One of the first indicators of a phishing attempt is the sender’s email address. Legitimate messages usually come from official domains corresponding to the organization they claim to represent. If an email purports to be from a known service but originates from an unrelated or suspicious domain, it’s a red flag.

Another critical area to scrutinize is the content of the email, particularly the links and attachments. Phishing emails may contain links that lead to fraudulent websites designed to harvest login credentials or personal data. Hovering over these links without clicking can reveal the actual URL, which often differs from the displayed text, indicating a potential scam. The absence of links doesn’t automatically mean safety; some phishing emails may direct recipients to make a phone call, leading to a scam operation.

Phishing emails can also contain attachments that, when opened, may install malware on the user’s device. Therefore, unexpected or unsolicited attachments should be treated with suspicion.

The message content itself can provide clues. Phishing emails often contain typos, grammatical errors, and unusual formatting, which can signal that the email is not from a professional source. However, not all phishing attempts are easily detectable by such obvious mistakes; some are sophisticated and closely mimic legitimate communications.

To further aid in identifying phishing, the SLAM method can be employed:

Sender: Check if the email comes from a legitimate and expected source.

Links: Hover over links to verify their destinations without clicking on them.

Attachments: Be wary of unexpected attachments, which could be harmful.

Message: Assess the overall quality and authenticity of the message’s content.

In one example, an email claiming to be from a reputable tech support service sent from a generic email address like Gmail is suspicious, especially if it’s the only message received from that address and requests financial action.

In conclusion, staying safe online requires a combination of vigilance, knowledge, and the use of secure practices. By critically assessing the sender, links, attachments, and message content, individuals and organizations can better protect themselves from the ever-present threat of phishing scams.

Watch our most recent Phishing Phriday videos here

president tier 818x1024 1

Hi, I'm Jesse and I look forward to speaking with you.

An IT Support partner that you can trust.

I’m proud of the team we’ve assembled and the service they provide to our clients.  It’s because of them that we’re able to make a positive impact in our clients’ businesses and the communities we serve.

Our clients run businesses that depend on technology to operate but don’t have the expertise in-house to manage all the aspects of their Information Technology.  Our unique service delivery model is focused on a business first approach whereby we seek to understand what you’re trying to achieve, and how technology can help you move closer to those goals.  I’d love to connect with you to talk about how we might be able to help you improve the Stability, Security, Strategy, and Supportability of your network.