Although some emails may not initially appear to be malicious, they may still contain a variety of hidden threats. Keyfort have put together a few simple things to check if you are ever unsure if an email is safe, this can help towards avoiding some of the most common cyber security threats.
The Senders Address
Unsure if an email has been sent from a legitimate person or organisation? Check if the domain is the same as where you would expect the email to be sent from. For example, if you receive an email from Royal Mail, you would expect the domain to be the same as their main website ‘royalmail.com‘, but the example shows that the domain is ‘royalmail-service.org’.
Spelling & Grammar
See a lot of spelling and/or grammar mistakes? Be suspicious! A genuine email from the organisation may contain spelling & grammar mistakes, but it is unlikely that it will contain many. In the example below, there are quite a few grammar mistakes. This is particularly obvious in the second to last line of the example ‘This is automatically generated email, please unsubscribe if you do not want receive email’s from us‘.
Do not click a link before you know whether it is legitimate or not! Hover over the hyperlink and see where the link goes to. The example below is a screen capture of what can be seein in Outlook when hovering over 2 links within the email. When hovering over the link ‘View Information‘, you would expect it to link to the Royal Mail website, but this links to an entirely different website. When hovering over the link ‘Unsubscribe‘, you can see that it contains a spelling mistake – ‘unsubscrube‘
Always check the extension of an attachment before opening them! Make sure the email is not malicious. The example below shows a screen capture of an attachment that has 2 file extentions ‘.pdf.zip‘, it is likely that this is a malicious attachment.