Phishing 101: Your 4-part guide to malicious emails

It’s easy to spot a malicious email, right?

Well, it depends.

The truth is, phishing emails look just like regular emails, making them incredibly dangerous (and a successful attack venue). In fact, 30 percent of all malicious emails are opened — which isn’t great.

If a member of your staff clicks on one of these messages, they could download a malicious attachment and infect your IT systems with malware (something you definitely want to avoid). So to help you and your team avoid the negative impacts of malicious emails, here’s what you can try.

Take a look at the grammar

You don’t need to be a spelling bee champion to identify a malicious email. Many of these emails include spelling and grammar errors — a tell-tale sign that the sender isn’t legit.

“Whenever a large company sends out a message on behalf of the company as a whole, the message is usually reviewed for spelling, grammar, and legality, among other things,” says TechRepublic. “So if a message is filled with poor grammar or spelling mistakes, it probably didn’t come from a major corporation’s legal department.”

Related Content: Your 3-point checklist for a BYOD policy

Install a firewall

Think of a firewall as a barrier of defense that keeps the bad guys away. This software or firmware acts as a safeguard if a member of your staff clicks on a malicious email attachment.

Installing a firewall might sound like a given, but 24 percent of PCs are unprotected, according to a study from Microsoft.

“A firewall will not prevent a scam email from making its way into your mailbox,” says the United States Computer Emergency Readiness Team (US-CERT). “However, it may help protect you should you inadvertently open a virus-bearing attachment or otherwise introduce malware to your computer by following the instructions in the email.”

Related Content: 3 huge data breaches from the last 12 months

Verify links and attachments

Malicious emails often include dangerous links and attachments. If you click on one of these, you might end up with a virus on your system.

Many anti-virus programs will scan emails and prevent you from downloading an attachment if it contains malicious content.

You can verify links and attachments yourself, too. Hover your mouse cursor over a link in an email and read the URL carefully. If a link doesn’t seem right, don’t click on it. Look out for misspelled domain names or overly-long URLs.

Don’t forget to check the email signature, either. Genuine companies will often include their contact details — a telephone number or address, at the very least — at the footer of an important email.

Recognize the problem

Cybercriminals have become increasingly savvy, and phishing emails are now highly targeted and specific. It’s no wonder, then, that so many people click on them. It’s important to train your staff to spot these emails and delete them immediately if they have any suspicions.

“Phishing scammers are constantly evolving, and their methods are becoming more cunning and difficult to trace,” says CSO.

Final thoughts

Want to improve your online security? Follow the four tips on this list and prevent malicious emails from damaging your IT systems. Looking out for bad spelling and grammar, installing a firewall, verifying links and attachments, and training your staff can help you combat this ever-growing problem.

If you want to enhance your security credentials even further, invest in a managed service provider who will optimize online safety.

Want to keep reading? Check out this 5-part guide to everyday data disasters.