...
Some methods to recognise phishing emails
- Suspicious links or unexpected attachments - the links that appear in an email body may go to somewhere unexpected, always rest/hover your mouse over any links which will reveal the real web address and don't click any suspicious links.
- Unexpected or suspicious attachments - Word documents are regularly used to spread malware and viruses, if you receive an unexpected or suspicious attachment - do not open it.
- Urgent call to action or threats - be suspicious of any email that claims that you must click, call, or open an attachment with urgency. A common attack method is to claim something is time sensitive creating a false sense of urgency. Whenever you see a message calling for immediate action, pause, and look carefully at the message - are you sure it's real? Slow down and be safe.
- First time or infrequent sender - whilst it's not unusual to receive an email from someone new for the first time, especially if they are outside your organisation. New senders can be a sign of phishing campaign, so take a moment and examine the email carefully for suspicious links, what the sender address is.
- Mismatched email domains - if the email claims to be from a reputable company, like Microsoft or your NAB bank, but the email is being sent from another email domain like gmail.com, or microsoftsupportteam.com or thenabbank.com - it's a scam. Also be watchful for very subtle misspelling of a legitimate domain name, like micr0soft.com ("0" instead of "o") or naab.com.au (NAB business name doesn't have double "aa").
...