How to spot a phishing email

If a stranger asked for the keys to your safe would you hand them over?
Your user names and passwords are the keys to your “online safe” so why would you hand them to a stranger.

What to watch out for…

There are all kinds of ways a cyber criminal will attempt to get your login details. The most common method we come across is where the criminal impersonates a known company in an attempt to steal your login credentials or personal information.

These are generally in the form of a threatening email warning of a strange transaction or discrepancy on your account. These emails are designed to scare you into logging in via a website they have created that looks exactly like the website of the legitimate company.

If you then type your username and password into this fake site, the scammers will capture your details, giving them the opportunity to log in to your real account.

This example looks particularly amateurish and not what you would expect from Apple, however some can look more convincing.

Look carefully at the return address…

It is not definitive but the return address is also a good place to look.
In this example the message is supposedly coming from Microsoft Office365, however the return address is ‘cmims@vs-llc.com’ which is clearly not Microsoft.

Sometimes the return address can be made to look extremely similar to the address you think it should be from and sometimes it can be exactly what you would expect it to be. Either way, always check the next section… Watch where it’s taking you!

Watch where it’s taking you…

A suspicious email will normally be attempting to drive you to a website. In Apple Mail if you hover the link it shows you the path you would go to if you click.

In this particular example it looks as if you are going to ‘https://portaloffices.com’ however when you hover the link as shown it is clearly not taking you to the address in question.

Once you arrive at this address, if you unwittingly enter your Office365 details the scam website will capture your details and potentially be able to gain access to your information.

Password / pornography website threat

Another scam we see regularly is from people claiming they have witnessed you looking at some form of pornography and that they have captured your information and your contacts etc etc.

They may also claim to have your password. If the password matches anything you currently use then please go straight to that account or site and manually change it to something more complex.

They have not had access to your computer and been watching you “visiting porn websites and having fun” but the fact that the password they are quoting matches one of yours will shock you at first.

The password they have will have come from a database that will have been compromised at some point and it matches up with your email address. Think old sites like Friendsreunited.com or myspace.com. Sites that would have stored unencrypted passwords and places where you could call up and ask them to tell you your password because you had forgotten it.

Do not under any circumstances respond. If by any chance you are still using the password for anything, go directly to the website you use it for and update it immediately.

If you found this post useful please comment & share.
Matthew Goddard
matt@logosystems.co.uk
1 Comment
  • Wendy Fowler
    Posted at 16:31h, 29 April Reply

    This is super helpful! Thanks a lot guys!

Post A Comment