Suspected Malicious Email: A Warning Sign Checklist

malicious emails

Implementing an email spam filter is an effective security precaution. However, this doesn’t mean you will completely eliminate spam from your inbox. Malicious emails still find their way through even the best filters. Here are some signs that indicate an email is malicious.

Fear Mongering Is A Common Tactic

Many malicious emails will create a sense of urgency in their headlines to get people to click on them. They use scare tactics and fear-mongering throughout the email to encourage people to click on links and attachments before taking the time to investigate them thoroughly. Remember that if something is extremely urgent, it likely would not be notified through email, so take this as your first warning sign.

The Email Asks For Personal Or Confidential Information

Phishing emails seek to maliciously collect sensitive or personal information. Any email asking for this type of information should always be investigated further. A reputable company most likely wouldn’t ask for sensitive information through an email.

Are There Spelling Or Grammar Mistakes?

If you suspect an email is malicious, you should check for spelling mistakes. A legitimate company will proofread emails it to protect their brand image. Senders of malicious emails are not as diligent with spelling and grammatical errors.

Are There Multiple Recipients?

Most of the time these types of emails aren’t sent individually. They are sent to large lists of people to increase the chances of catching one or two people off guard. Investigate whether the email was sent to other email addresses, especially ones you aren’t familiar with or outside of your organization.

Analyze The Signature

Does the signature give you detailed information about how to contact the company or the person it is coming from? If it seems vague or doesn’t contain any contact details, then you should be suspicious.

Review The Salutation

Many phishing emails use vague salutations such as “Dear customer” or “To our valued customer”. If the salutation lacks your first or last name, this is a definite sign that the email is not from a legitimate source. Most businesses use a mail merge to include personal details from a database.

Be Cautious Of Phishing Links

Before you click on a link, hover your mouse over it to view the URL. By doing this, you can detect some possible warning signs. Many malicious links use link shortening services to prevent you from seeing the full URL. Another way phishing sites conceal the destination is by using an excessive amount of characters in the URL.

If the link contains any of these signs, don’t click it. Report the link to a supervisor so they can inform other employees about it. Another option is to use a link scanner that checks for a virus. However, you should always use your own discretion in case the link scanner doesn’t catch a malicious link.

Suspicious File Attachments

File attachments can contain a virus or malware. Don’t click or download any attachments if the email appears to be suspicious. Always scan files with anti-virus software first. If you weren’t expecting an attachment or file, then it is best to report the email to your supervisor and refrain from downloading attachments.

Download our checklist for detecting malicious emails. Print it and post it at your desk to use as a quick resource for determining if an email is safe or not.

If your business needs an email filter contact us at 519-451-1793 to discuss setting one up.