Blog #2 – Practical ways to detect and recognize phishing emails
Fraudsters and scammers are taking advantage of trending topics in the news, especially now in times of the coronavirus scare. Some of their scams are a direct threat to IT staff, the organizations they are working for, and their customers. In brief, to all of us!
In this blog, we offer you an exercise in which you will learn how to recognize phishing emails.
The well-written personally addressed email
Read the following well-written and personally addressed email.
Put yourself in the shoes of Patricia now and reread the email.
Your inbox displays ‘Liesbeth Helping’. You know her; she is probably your preferred IT helpdesk colleague. She tends to respond to others’ needs, and she assists or supports others to achieve their goals. She is a real IT-hero!
Don’t click the link yet. Be patient!
First of all, answer the following questions:
- Details about the sender: “Do I know this person?” Of course, I do. It is Liesbeth from our IT-helpdesk.
- The context of the email: “Has the purpose of this email a contextual meaning for the work I do?” Yes, because we are all working from home and I need to do my work.
- The content of the email:
- “Does the content contain contextual information that makes sense to me?” Sure. I have to be able to do my work from home. Not the most ideal situation because my kids are running around like headless chickens!
- “Do I need to do something that looks suspicious?” This question rings a bell!
- “Has the mail a sense of urgency?” Yes, it has. I have to log in before noon.
- “Has the mail a malicious intent?” I don’t know.
Let me bring some theory in practice. I remember some of the takeaways of one of our company awareness sessions of last year. Let me do some investigation.
A second look at the email
Congratulations Liesbeth, to put theory in practice. You are one of our heroes!
Answering these questions results in:
- A behavioral change in dealing with incoming emails and phishing;
- Increase your alertness and readiness regarding phishing emails;
- Being recognized by others as a security-ambassador;
- Due to the positive feedback from others, you enjoy it to be a security-ambassador.
Take care of each other!