What does a phishing e-mail look like and what can you do about it?
Possible characteristics of a phishing e-mail
Discovered a phishing e-mail? Then put it in the trash!
What does a phishing e-mail look like and what can you do about it?
If you take a closer look, it turns out that the sender's address is not trustworthy. The bank's company name is not spelled correctly. You move the mouse over the link contained in the e-mail and a dubious cross-reference is displayed - a link that does not lead to the bank's website but to a third-party internet address. Furthermore, you are threatened with consequences and an approaching deadline.
You take another closer look. It may even contain minor spelling mistakes and bad English, some sentences look contrived and as if they have been translated by a machine. Don't open the attachment or click on the links - it's phishing!
The difference to spam mail is that you do not simply receive obscene advertising, but are asked to take action. The aim is for you to disclose confidential information or sensitive data by clicking on the link. If you open the attachment, a virus could spread to your computer. You should therefore always be careful when processing e-mails and check their origin.
We have collected the signs of phishing emails for you so that you can sharpen your awareness of such attacks. We also give you the best way to deal with them.
Possible characteristics of a phishing e-mail
Link in e-mail
If you move the mouse pointer over the link, the cross-reference is displayed. This should point to a reputable internet address, the so-called company website, i.e. the official website of your bank, post office or the company from which the e-mail originates. A phishing e-mail will instead contain a link to an unknown page with a dubious domain extension. Also look out for spelling mistakes in the domain name.
Conspicuous sender address
The letterhead, the so-called header, contains the sender of the message under "From:". If it is a general e-mail address with first name, surname and a company name, the e-mail is probably trustworthy. What is in the address after the @ sign? Is this a trustworthy domain name or an abbreviation that you are not familiar with? You should always question this.
Incredible offers
I'm sure we've all received an e-mail from a stranger offering to transfer more than a million dollars to our bank account. Such offers are absolutely untrustworthy and in this case you should definitely delete this message.
Do not open attachments
Does the dubious e-mail contain an attachment? Resist your curiosity and do not click on it under any circumstances. Most computer viruses are spread via attachments, for example with the file extension .doc (Macro viruses) or .exe as the executable file. Use a virus scanner to check beforehand or contact the sender.
Impersonal form of address
Does the message contain your first and last name or simply Hello, Good afternoon, Dear customer? This can be a sign of a phishing e-mail and should catch your attention in the first line.
Bad consequences are described
Who wants their own website to be blocked? To have your customer account blocked or even be fined? This is exactly the kind of scenario that phishing e-mails describe and therefore call for urgent action. It helps to take a deep breath and take a closer look. If in doubt, contact the company directly via the official website and check the situation.
Urgent action
"Log in within 24 hours. Transfer the outstanding amount immediately." Phishing e-mails contain a strange sense of urgency that banks or the post office do not normally operate with. Caution is advised here, especially if your details are requested, and you should consider whether this is a sign of a fraud attempt.
Discovered a phishing e-mail? Then put it in the trash!
You have now learned the characteristics of a phishing e-mail and, in the best case scenario, you can identify such an e-mail immediately. But what do you do with it afterwards? Have you already clicked on the link or file in the attachment? Depending on what data you have entered, you should change the corresponding password.
You have studied the e-mail and were immediately sure that it is a phishing attempt? Then mark it as spam/phishing and the message will be moved to the trash at the same time. This will train your algorithm to identify future phishing e-mails. It's best to empty the recycle bin at the same time so that it is removed for good.
Now you are equipped to take action against phishing e-mails in the future. Would you like more information on how to protect yourself? We have further general security recommendations for you on our website.
