How to recognize and identify a phishing e-mail?

by Rebeca
[Image: a hacker writing a phishing e-mail]

A few phishing awareness tips

What is a phishing e-mail?

Phishing is an ever-present threat to businesses. A simple e-mail can quickly turn into a burglar disguised as a letter carrier: harmless at first glance, a deceptive message can steal account credentials, trigger a fraudulent payment or deliver malware. The tips below will help you raise awareness of phishing, recognize these attempts and protect your sensitive and financial data from online attackers. Learning to recognize a phishing e-mail can prevent a potential catastrophe for your business.

October is Cybersecurity Month, the perfect opportunity to raise awareness among your staff of the need to protect your e-mail system. The human factor remains the weak link in cybersecurity, so training people is an essential step in reducing the risk of cyber-attacks within an organization. By maintaining an internal culture of security, you minimize the potential costs of cyber incidents and keep your data intact. As part of our Cyber Month phishing awareness campaign, you’ll find here our tips for combating the threats encountered in the workplace: phishing e-mails and scams (identity theft, data theft…).

How to spot a phishing e-mail?

Phishing awareness should be a key element of your email protection strategy. Here are our top tips for identifying phishing e-mails. Don’t hesitate to share them with your employees and customers. Phishing e-mails are carefully crafted to look strikingly similar to the legitimate e-mails they imitate. Nevertheless, it is possible to identify indicators of a phishing attempt.

  1. The sender’s address: to counter an attack from the outset, assess the legitimacy of the sender’s address. Look at the display name and at the actual address behind it, and pay close attention to the domain name after the “@”: a lookalike domain may differ from the real one by a single letter, a swapped character (“rn” for “m”), an extra word (a “-security” or “-verification” suffix), or the real name placed in front of an unrelated domain. If you already correspond with the organization in question, compare with the address used in previous exchanges, or check it against a reliable source such as the organization’s official website. A mismatch usually means a spoofed or lookalike address set up for identity theft or fraud.
  2. The body of the e-mail: pay attention to the message itself. Does it ask you to modify or disclose sensitive information, or is the subject line too good to be true? Phishing messages typically deal with serious matters (a blocked account, an unpaid invoice), unexpected prizes or proposals to make easy money, and they often add threats or pressure to act urgently so that the victim clicks the embedded link without thinking. Also keep an eye on the quality of the language: spelling, grammar or syntax errors, translation mistakes, a dubious tone or a writing style that does not match the supposed sender all cast doubt on the origin of the message, as do inconsistencies in the information provided. If you have already corresponded with the company in question, compare this message with previous exchanges.
  3. Links and attachments: a phishing link is a URL that redirects the user to a page imitating a well-known brand. If in doubt, do not click on any link or open any attachment. Phishing e-mails are often accompanied by links or attachments designed to steal credentials or financial data, or to infect your computers. These links may pass through redirect pages, sit behind a reproduced logo or be encoded in a QR code (which sidesteps both link scanning and the hover check), and they are usually hidden behind anchor text that requests an action, such as “Log in”, “View document” or “Click here”. Hovering over the anchor text with the mouse cursor reveals the actual destination URL in the mail client’s status bar or tooltip; compare it with the text displayed (on a phone, long-press the link instead of tapping it). To avoid detection, some hackers use obfuscation techniques:
  • URL shortening tools: these services hide the real destination behind a short URL that looks nothing like the original. Popular free services such as TinyURL and Bit.ly are used by phishers to shorten phishing URLs, so the hover check shows only the shortener’s domain.
  • Text-to-image obfuscation: common in sextortion e-mails, this method replaces the text of the message with an image that behaves like a link. To the user it looks like text in the body of the e-mail, but it is actually a clickable image hosted on a website, and a filter that scans only the text of the message sees nothing suspicious.
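As an added example (not code from the original page or from Altospam), the Python script below applies the checks from points 1 and 3 to a raw e-mail: it compares the domain after the “@” with what the display name claims, compares each link’s visible text with its real target, flags URL shorteners, and flags image-only links. The trusted-domain set, the shortener list and the two sample messages are constructed for the example; the “registrable domain” is approximated by the last two labels rather than the public-suffix list.

```python
"""Phishing-indicator scan of one raw e-mail (added example, not Altospam code)."""
import email
from email import policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: the organisations you genuinely exchange mail with.
TRUSTED_DOMAINS = {"labanquepostale.fr"}
# Assumption: a short list of public URL shorteners (extend as needed).
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co", "goo.gl", "ow.ly", "is.gd", "cutt.ly"}

# Constructed sample (not a real capture): lookalike sender domain, shortened URL
# behind official-looking link text, image-only link whose host merely starts
# with the bank's real domain.
SAMPLE_EML = b"""From: "La Banque Postale" <securite@labanquepostale-verification.com>
To: victim@example.com
Subject: Suspicious login detected - confirm your account
Content-Type: text/html; charset=utf-8

<html><body>
<p>We detected an unusual login. Please confirm your identity now.</p>
<p><a href="https://bit.ly/3xyzAbc">https://www.labanquepostale.fr/secure</a></p>
<p><a href="http://login.labanquepostale.fr.account-check.net/"><img src="cid:button"></a></p>
</body></html>
"""

# Constructed legitimate message used as a control: it should produce no findings.
CLEAN_EML = b"""From: "La Banque Postale" <info@labanquepostale.fr>
To: customer@example.com
Subject: Your monthly statement is available
Content-Type: text/html; charset=utf-8

<html><body><p><a href="https://www.labanquepostale.fr/">Log in</a> to view it.</p></body></html>
"""


class LinkCollector(HTMLParser):
    """Collects each <a>: its href, its visible text, and whether it wraps an <img>."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._current = None

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._current = {"href": dict(attrs).get("href", ""), "text": "", "img": False}
        elif tag == "img" and self._current is not None:
            self._current["img"] = True

    def handle_data(self, data):
        if self._current is not None:
            self._current["text"] += data

    def handle_endtag(self, tag):
        if tag == "a" and self._current is not None:
            self.links.append(self._current)
            self._current = None


def host_of(url):
    return (urlparse(url).hostname or "").lower()


def registrable(host):
    # Last two labels only (assumption); a production tool uses the public-suffix list.
    return ".".join(host.rstrip(".").split(".")[-2:])


def imitates(host, trusted):
    """True when host reuses the brand label but is neither the trusted domain nor a subdomain of it."""
    brand = trusted.split(".")[0]
    return brand in host and host != trusted and not host.endswith("." + trusted)


def scan(raw):
    """Return human-readable phishing indicators found in one raw RFC 5322 message."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    findings = []

    # Check 1: the real domain after "@" versus what the display name claims.
    name, addr = parseaddr(str(msg.get("From", "")))
    sender_domain = addr.rpartition("@")[2].lower()
    for trusted in TRUSTED_DOMAINS:
        if imitates(sender_domain, trusted):
            findings.append(f"sender domain {sender_domain} imitates {trusted}")
        if trusted.split(".")[0] in name.lower().replace(" ", "") and registrable(sender_domain) != trusted:
            findings.append(f"display name {name!r} claims {trusted} but mail comes from {sender_domain}")

    # Check 3: what each link shows versus where it really goes.
    body = msg.get_body(preferencelist=("html",))
    if body is None:
        return findings
    collector = LinkCollector()
    collector.feed(body.get_content())
    for link in collector.links:
        target, shown = host_of(link["href"]), link["text"].strip()
        if target in SHORTENERS:
            findings.append(f"link goes through URL shortener {target}")
        if shown.startswith(("http://", "https://")) and registrable(host_of(shown)) != registrable(target):
            findings.append(f"link text shows {host_of(shown)} but points to {target}")
        if link["img"] and not shown:
            findings.append(f"image-only link to {target}")
        for trusted in TRUSTED_DOMAINS:
            if imitates(target, trusted):
                findings.append(f"link host {target} imitates {trusted}")
    return findings


if __name__ == "__main__":
    for finding in scan(SAMPLE_EML):
        print("-", finding)
```

Run it on a saved `.eml` file by passing the file’s bytes to `scan()`. The heuristics deliberately err on the side of flagging: a legitimate mass mailing that uses a shortener will be reported too, which is exactly the “when in doubt, don’t click” posture the text recommends.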

What are the most common examples of phishing e-mails?

Hackers are becoming increasingly creative and ingenious when it comes to phishing attacks. Here are a few examples of phishing attempts you need to be aware of to avoid becoming a victim.

Lottery winnings – requesting information in exchange for sending a reward

Always accompanied by a tempting subject line, these messages usurp the display names of brands such as EuroMillions, reproduce their logos and hide the malicious link inside an image so that text-based filters see nothing suspicious.

[Image: example of a phishing e-mail (gendarmerie)]

Message from your bank – request for login confirmation

Purportedly sent by a trusted public or commercial organization, these messages aim to steal your passwords or banking details. The pretext may be an imminent account deletion, suspicious activity or a suspicious log-in that has been detected, or a security update. Here, the impersonated identity is that of La Banque Postale.

[Image: example of a phishing e-mail imitating a message from a bank]

Phishing Police – demand for payment on pain of punishment

This type of e-mail is presented as a threat of prosecution or a summons to be answered within a strict time limit, with the sole aim of extorting a payment or stealing your personal and banking details.

[Image: example of a police-themed phishing e-mail]

What are the most common brands used for phishing?

The brands most frequently used for phishing are mainly the most popular. Hackers make their choices according to the trust users have in the brand. They also pay attention to the ease with which certain elements, such as the name and logo of the chosen identity, can be counterfeited.

Here is a short list of the most impersonated brands in 2023:

  • Microsoft
  • Facebook
  • Amazon
  • PayPal
  • Crédit Agricole

Increasingly sophisticated attacks: a few examples

Sophisticated phishing, or spear phishing, is a targeted variant of phishing that uses more elaborate and deceptive techniques. Instead of a generic message sent to thousands of addresses, it relies on personalization: the attacker researches the target and imitates a legitimate source, for instance the technical support of a supplier, or a manager or colleague of the victim. Because users feel confident exchanging with a supposed manager or collaborator, it is easier for the attacker to obtain a payment, bank details or access to a computer.

[Image: example of a spear-phishing e-mail impersonating a company executive]

These attackers rely on social engineering, often combined with fake websites reached through redirect pages, and they mix genuine details (real names, a real project, a real pending invoice) with fraudulent ones. That blend of real and fake is what makes spear phishing so difficult to counter. That’s why it’s crucial to maintain a high level of vigilance, raise awareness among your staff and implement robust security measures. On the Internet, you can’t trust anyone.

How to protect your company from phishing attacks?

Protecting your company against phishing e-mails is a top priority. Here are a few tips to strengthen your organization’s security against these attackers’ scams.

  1. Awareness-raising and training: educate your staff in the best practices for recognizing malicious e-mail and reducing the risk of cyber-attacks.
  2. E-mail filtering: secure your company’s e-mail system with anti-phishing software that analyses sender reputation, links and attachments before delivery, and blocks phishing and spear phishing.
  3. Checking links: verify link targets (redirects to scam websites, malware downloads, links hidden behind images), ideally both on delivery and when the user clicks, since a phishing page is often activated only after the message has passed the filter.
  4. E-mail authentication: publish SPF, DKIM and DMARC records for your domains, and move the DMARC policy from p=none to p=reject once your legitimate senders are aligned, so that receiving servers discard mail that spoofs your addresses; enforce DMARC on inbound mail as well.
  5. IP address filtering: block connections from sources with a bad reputation (blocklists, known compromised hosts) to cut off potentially dangerous senders before content analysis.
It is advisable to be attentive when receiving e-mails: at the slightest doubt, do not act on the message (no clicking links, opening attachments or replying) and report it to your IT team. Protection against phishing e-mails is an ongoing effort, requiring both advanced technologies and constant vigilance on the part of your team and collaborators. Awareness and vigilance remain essential to preventing phishing attacks and securing messaging environments.

Test Altospam’s solutions!

Thousands of companies, CTOs, CIOs, CISOs and IT managers already trust us to protect their e-mail against phishing, spear phishing, ransomware, …