Make the Attacker’s Job Harder: Tips for Detecting Risky Emails

Make the Attacker’s Job Harder: Tips for Detecting Risky Emails

Studies consistently show that email is the principal pathway that hackers use to achieve their devious goals (what techies call the “attack vector”). Unfortunately, attackers have become so adept at their task that it can be very difficult to detect a dangerous message.

ManyMe helps to address this challenge by automatically taking a wide range of security measures, such as blocking files that contain programming code and compressed content and hosting attachments in the ManyMe cloud so that they never reach your device without your explicit consent. ManyMe also helps you identify phishing attacks and reduces your exposure to other hacker exploits.

While these measures are important, your heightened awareness of hacker tactics is also crucial. This posting recommends five important questions to ask yourself to judge a message’s authenticity.

1. Is the content of the email threatening or alarming, or demanding your urgent attention?

Hackers will exploit your emotions in hopes of overriding your calm thinking, sometimes even impersonating a family member in need. If you receive such a message, take a deep breath, and rest assured that a genuine sender would contact you in a more personal or professional way. Never call a phone number provided in such a message; use only a number you know to be valid or that is published online.

2. Does the message contain an attachment that you didn’t request?

Never click on an attachment that you didn’t request or aren’t expecting, as attachments are often used to deliver the attacker’s malicious “payload.” With ManyMe, attachments never reach your inbox without your approval.

3. Does the message ask you to click on a link?

If so, use your cursor to hover over the link to view the link address (the “URL”) displayed at the bottom left of your screen and examine it carefully to see if it looks correct. For your financial accounts in particular, don’t click on a link in the message—open a new browser tab and go directly to the company’s website by manually entering the address.

4. Does the email contain spelling, grammatical or formatting errors?

Messages sent from legitimate entities are carefully reviewed to catch such basic mistakes. While many bad actors have gotten better at avoiding these errors, they continue to be a red flag in many bogus emails. Remember, if a message doesn’t include these red flags, it still might not be legitimate.

5. Is the email offering something that seems too good to be true?

If an unexpected offer gets you excited, question its authenticity first, and never, never provide your personal or financial information.

As you ask yourself these questions, be aware that attackers are clever in capitalizing on human emotions, current events, and seasonal themes. Especially if you’re tired or in a rush, don’t do what the sender is enticing you to do—push away from the screen and come back later with a critical eye.

If you’re comfortable with technical details and want to dig a bit deeper into the authenticity of a message, you may want to review the message “header.” Header information will enable you to determine if the sender’s name and email address have been forged or “spoofed,” and to see if the sender’s identity hasn’t been fully authenticated. Please consult your email provider for instructions on how to access the “header” of a message.

The combination of your heightened security awareness and ManyMe’s best practices will make an attacker’s job much harder. For a safer email experience, be security aware, and use ManyMe!