How to spot an impersonation email and keep your network safer

Have you ever opened an email that just looks phishy?

Don’t worry, you’re not overthinking. Today its more important than ever to have a trained eye on suspicious communication. Phishing is the top social attack used on businesses, in fact, a recent government survey suggests that phishing attacks and impersonations are, by far, the most common cyber security threats. If you want to know how to spot an impersonation email, and what to train your staff on, read on…

So, what is Phishing?

Phishing is when cyber criminals impersonate companies or a ‘Person of Authority’ to con users into revealing information, making payments or downloading Malware onto their computers through emails or social media.

There are 3 main types of Phishing

Mass-scale Phishing: when fraudsters send bulk emails which aren’t specific to any one person. An attempt to find success by sheer numbers.
Spear Phishing: A focused attack on a specific victim or group of victims using personal details from other sources.
Whaling: A type of spearfishing which targets a very important ‘big’ victim within an organisation.

What are the potential impacts on your organisation?

Outcomes depend on the attacker’s objectives. A fraudster fixated on facilitating fraudulent transactions may limit the loss to strictly financial, but, if the objective is the stealing of customer data you could be fined £17.8 million or 4% of global revenue. Lancaster University, with over 13,000 students, is currently under investigation. A phishing attack left a number of students’ personal data vulnerable. If the ICO determines the attack to be a result of lax security on Lancaster University’s part, fines will be imposed, but the impact on the reputation of the university will be far more damaging.

What is the value of your reputation?

Even the most technological and financially savvy companies are susceptible to phishing. Between 2013 and 2015 Facebook and Google lost out on of $100m due to a fake invoice phishing attack which impersonated one of their large Asian-based manufacturers. Crelan Bank in Belgium lost $75.8m in a CEO fraud attack – an example of Whaling and which was only discovered in an internal audit. The identities of the attackers are still unknown.

Lost of people are still being caught by Phishing attacks – don’t let it be you. Here are our top tips.

Look at the email address.

Many of us don’t look at the email address the message has come from. It’s possible to choose the display name people see which doesn’t need to relate to the email address at all. This is a method of disguising the true origin of the email.

A genuine email would have the organisation name in the domain name. The lack of is proof of a scam. In this example, it should say “@paypal.com.

The domain name is mis-spelt

Buying a domain name from a registrar is easy. Although every domain name must be unique, there are plenty of ways to create addresses which are close to indistinguishable from the one being impersonated. The act of registering a domain name similar to an established company is called Typosquatting. ‘Google’ may be misspelt as ‘Voogle’ or ‘Yoogle’ in the hope you wouldn’t notice the slight difference. Our brains are wired to see what we want to see. So you don’t always see a typo and can actually read jumbled words very easily. Try this one: https://www.mnn.com/lifestyle/arts-culture/stories/why-your-brain-can-read-jumbled-letters

The email contains suspicious attachments or links

An infected attachment is a seemingly normal document which contains malware. It advised to never open an attachment unless you are fully confident the message is from a legitimate party. Your anti-malware software will produce a warning about the file’s legitimacy. If this is the case, do not proceed.

The message asks for immediate action

You’re likely to realise something’s wrong the longer you think about it. Attackers know this. Therefore, they employ tactics to push you to act immediately instead of later. Services like PayPal, Windows and Netflix are services regularly being used which are important to most people. Thus, are ideal as you’re likely to deal with them immediately.

The solution?

Although serious, it’s an easily solvable problem:

Educate your employees. Noticing risky emails in today’s age is crucial. Spam filters will never be 100% effective, so everyone is responsible for protecting their email and their organisation. Which may be the bigger cost: training your employees or the losses, to both your bank account and your reputation?
Tag messages that are suspicious. This will help your staff identify them and not click

Click here to talk more about spoting impersonation emails

Has this helped you understand how to spot an impersonation email? If you still need some assistance with your IT security, reach out to us at 020 7227 9700 for further information, or contact us here.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

How to spot an impersonation email