fbpx
Social Engineering:
Red Flags.

IDENTIFYING SUSPICIOUS EMAILS AND COMMUNICATIONS CAN SAVE YOUR BUSINESS FROM FRAUD.

Malicious emails have become far more sophisticated over the years and as such, employees who deal with electronic communications on a daily basis have had to become more diligent when dealing with emails that could jeopardize the security of your business.
Social Engineering Red Flags

TAKE A MOMENT TO EXAMINE THIS EMAIL COMMUNICATION.

We have pointed out some red flags that everyone should look out for when trying to determine if an email is genuine.

From

r
I don’t recognize the sender’s email address as someone I ordinarily communicate with.
r
This email is from someone outside my organization and it’s not related to my job responsibilities.
r
This email was sent from someone inside the organization or from a customer, vendor, or partner and is very unusual or out of character.
Is the sender’s email address from a suspicious domain? (like Microsoft-supporter)
r
I don’t know the sender personally and they were not vouched for by someone I trust.
r
I don’t have a business relationship nor any past communications with the sender.
r
This is an unexpected or unusual email with an embedded hyperlink or an attachment from someone I hadn’t communicated with recently

TO

r
I was cc’d on an email sent to one or more people, but I don’t personally know the other people it was sent to.
r
I received an email that was also sent to an unusual mix of people. For instance, a seemingly random group of people at my organization whose last names start with the same letter, or a whole list of unrelated addresses.

DATE

r
Did I receive an email that I normally would get during regular business hours, but it was sent at an unusual time like 3 a.m.?.

SUBJECT

r
Did I get an email with a subject line that is irrelevant or does not match the message content?
r
Is the email message a reply to something I never sent or requested?

CONTENT

r
Is the sender asking me to click on a link or open an attachment to avoid a negative consequence, or to gain something of value?
r
Is the email out of the ordinary, or does it have bad grammar or spelling errors?
r
Is the sender asking me to click a link or open up an attachment that seems odd or illogical?
r
Do I have an uncomfortable gut feeling about the sender’s request to open an attachment or click a link?
r
Is the email asking me to look at a compromising or embarrassing picture of myself or someone I know?

HYPERLINKS

r
I hover my mouse over a hyperlink that’s displayed in the email message, but the link to address is for a different website.
(This is a big red flag.)
r
I received an email that only has long hyperlinks with no further information and the rest of the email is completely blank.
r
Do I have an uncomfortable gut feeling about the sender’s request to open an attachment or click a link?

ATTACHMENTS

r
The sender included an email attachment that I was not expecting or that makes no sense in relation to the email message. (This sender doesn’t ordinarily send me these types of attachment(s).
r
I see an attachment with a possibly dangerous file type. The only file type that is always safe to click on is a .TXT file.

Recent Posts.

MSP vs. Internal Hire: 3 Reasons Outsourcing Makes Sense

MSP vs. Internal Hire: 3 Reasons Outsourcing Makes Sense

Some people assume an in-house IT staff is the best choice, but there are many ways in which businesses benefit by outsourcing IT management tasks. Sometimes, a company will ask us point blank: why should I work with an MSP instead of hiring an internal IT person?...

How Technology Helps Businesses Defend Against Coronavirus

How Technology Helps Businesses Defend Against Coronavirus

The last few weeks have seen the stock market and business community ravaged by Corvid-19, also known as the coronavirus. As of the publication of this blog post, stock markets around the world are experiencing decade lows and major uncertainty now looms over many of...

Phishing Headlines to Avoid in 2020

Phishing Headlines to Avoid in 2020

The single most effective way to protect your business from attack is by catching phishing emails before someone opens them Phishing emails try to trick your staff into opening the door to cyber criminals. These attacks are very dependent on the email headline. An...