Gutting the Phish: How to Spot the Signs of a Phishing Email

October 17, 2023

Do you remember that Nigerian prince? The one who emailed you in desperation telling you that if you just sent him your bank account, he would transfer you a certain percentage of his vast fortune. After a while, it became part of the cultural zeitgeist, and everyone knew that no prince just wanted to give you money out of the kindness of his heart.

Phishing as a social engineering tactic has existed since the mid-1990s. It is the way individuals with malicious intent, known as “threat actors”, fish for information they can use to get at whatever they are after, from financial details to system login credentials.

While phishing used to be exclusive to emails from royalty, the tactic has become more and more sophisticated with time. There are now several ways threat actors go phishing, but the underlying intention remains the same. But take heart! There are still a few ways to spot signs of a phishing email.

How It Works

Phishing has been around for so long because it is a cheap, easy, and effective way for threat actors to gain high rewards. The most common way phishing attacks work is through a sense of urgency and fear. You must do this now, or you’ll lose your job, your home, or your money. Sometimes, there will even be an attachment of an invoice “you” recently paid or forgot to pay.

Phishing relies on anxiety overcoming rationality so that you click a link or open an attachment you otherwise wouldn’t.

Threat actors will cast a wide net; most of the time, their attacks are not targeted at you specifically, so their message will be generic. Your name will not be referenced in the email, and the “account” at risk of suspension is only ever called “your account”.

How to Catch the Phish

Let’s look at an example provided by Norton to explore the signs of a phishing email. This email comes from “SunTrust Bank” – a legitimate banking entity that may or may not hold all your money.

example phishing email

The sense of urgency is created in the Subject line: “Account Temporarily Suspended” – if this is a bank you do your business with, it won’t take long for you to click into it to see what the deal is. According to this email, there’s been some unusual account activity, and your account has been suspended. You can resolve this by clicking on the link and logging in! Simple enough, right?

Not really.

A closer look at the sender shows that the email comes from “SunTust”, not SunTrust. The email itself is incredibly generic, poorly worded, and contains numerous grammatical errors, such as odd choices in capitalization. If you were to hover over the link they want you to click on, you would see that it has been shortened to hide the real destination website.

Scammers are good at copying real text from their sources, so it ends on a note that gives it an air of legitimacy, but ultimately, that link would lead to the credentials you put in being stolen.
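As an added illustration (not part of the Norton example or this article), the following Python script checks a message for the signs just described: a sender domain that nearly matches a known brand, a link that goes through a URL shortener, a generic greeting, and urgency wording. The brand allow-list, the shortener list, the urgency phrases and the sample message are all assumptions constructed for this example.

```python
import email
import re
from difflib import SequenceMatcher
from email import policy
from email.utils import parseaddr

# Assumed allow-list of brands we expect mail from (suntrust.com is the brand in the article's
# example), a few public URL shorteners, and urgency phrases of the kind the article describes.
KNOWN_SENDER_DOMAINS = {"suntrust.com"}
URL_SHORTENERS = {"bit.ly", "tinyurl.com", "t.co", "ow.ly", "is.gd"}
URGENCY_WORDS = ("suspended", "immediately", "unusual activity", "within 24 hours")

# Constructed sample modelled on the article's "SunTust" example; it is not a real message.
SAMPLE_EMAIL = (
    "From: SunTrust Alerts <alerts@suntust.com>\n"
    "Subject: Account Temporarily Suspended\n\n"
    "Dear Customer,\n"
    "We detected Unusual Activity on your Account. Login now to restore access:\n"
    "http://bit.ly/EXAMPLE\n"
)

def lookalike_domain(domain, known=KNOWN_SENDER_DOMAINS, threshold=0.8):
    """Return the known brand domain this one imitates (suntust.com -> suntrust.com), or None."""
    domain = domain.lower()
    if domain in known:
        return None  # exact match is the real brand, not a lookalike
    for real in known:
        if SequenceMatcher(None, domain, real).ratio() >= threshold:
            return real
    return None

def phishing_signs(raw_message):
    """Parse one raw message and list the signs from the article that it exhibits."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    signs = []
    sender_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    imitated = lookalike_domain(sender_domain)
    if imitated:
        signs.append(f"lookalike sender domain: {sender_domain} imitates {imitated}")
    body = msg.get_body(preferencelist=("plain", "html")).get_content()
    for host in re.findall(r"https?://([^/\s\"'<>]+)", body):
        if host.lower() in URL_SHORTENERS:
            signs.append(f"shortened link hides destination: {host}")
    if re.match(r"dear\s+(customer|user|member|client)\b", body.strip(), re.I):
        signs.append("generic greeting instead of your name")
    text = f"{msg.get('Subject', '')} {body}".lower()
    for phrase in URGENCY_WORDS:
        if phrase in text:
            signs.append(f"urgency wording: '{phrase}'")
    return signs
```

Running `phishing_signs(SAMPLE_EMAIL)` reports all four kinds of sign for the constructed message; a legitimate message from the real brand domain with a direct link and a personal greeting produces an empty list.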

3 Rules for Staying Safe

  1. Be aware. You can stay informed about current techniques and targets through a quick Google search for the latest signs of a phishing email.
  2. Don’t use an emailed link to log in! If you are worried about unauthorized banking, navigate directly to your bank’s webpage and log in through there.
  3. Take a breath. Scammers rely on you to be in a panic so they can take advantage of your anxiety. There is always time to verify a request, especially when your livelihood relies on it.

Remember, a few moments now to think about the information being presented to you will save you countless years battling debt collectors and identity agencies.
