Phishing Attacks - How to Spot Them

Learn what Phishing attacks look like and how to deal with them

Posted by Oliver B on June 03, 2024 · 7 mins read

“Dear beloved, Please read this slowly and carefully, as it may be one of the most important emails you have ever get”


What is Phishing

As computers become more secure, threat actors increasingly target the weakest link in any system: the person using it. Instead of investing many thousands of pounds in skilled hackers with the most advanced tools, it is often easier to set up a free email address, spam thousands of people and hope that one or two of them fall for the scam before the account gets shut down (and yes, the quotes at the top and bottom of this post are from real scam emails I received).

Often these emails and messages will have particular characteristics that make it easier to spot whether they are legitimate or not. Here are some things to look out for:

  • Spelling and grammar mistakes - These emails are often filled with spelling mistakes and grammatical errors. If it doesn’t read right, it’s probably not right.

  • Strange email addresses - A legitimate email from your bank will come from an address on the bank’s own domain, such as customer_support@bankname.com. If I got an email from HSBC that came from the address odfsnru5b28dn@gmail.com, I’d be suspicious. The reverse is not a guarantee, though: the display name, and sometimes the sender address itself, can be forged, so a familiar-looking sender is not proof on its own. On the subject of banks, they often include a piece of information only they would know so that you can tell they are real. For example, my bank always includes the second half of my postcode so I know it is coming from them.

  • Urgency/Calls to action - People react to importance, so attackers create a sense of urgency to make you act before you think. A legitimate organisation will not give you “24 hours to update your details or your balance is lost”, or anything to that effect.

  • Unexpected emails - Just got an email telling you that you’ve made a £1500 purchase from your PayPal account? Chances are that you didn’t. If you are worried about an email like this, never click the link or call the number in the email. Open a new browser tab, browse to PayPal or your bank as you normally would, log in and check for charges there.
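To make the checklist concrete, here is an added example (written for this editing pass, not code from the original post) that applies the first three checks to the headers of an email: a free webmail sender hiding behind an organisation’s display name, a Reply-To that points somewhere else, the receiving mail server’s SPF/DKIM verdict, and urgency language in the subject or body. The three raw messages are constructed for illustration; the domains in them (bankname.com, mx.example.net, random.example), the Authentication-Results values and the ORG_WORDS list are assumptions made for the example.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr

# Free webmail providers: fine for a person, a red flag behind a bank's display name.
FREEMAIL = {"gmail.com", "yahoo.com", "outlook.com", "hotmail.com"}
# Words that suggest the display name claims to be an organisation (assumed list).
ORG_WORDS = {"bank", "support", "security", "paypal", "governor", "service"}
URGENCY = re.compile(r"\b(urgent(?:ly)?|immediately|within 24 hours|suspended|final notice)\b", re.I)

# Constructed sample messages (not real mail). Domains, hosts and auth results are invented.
SCAM = """\
Return-Path: <mikerage2q2@yahoo.com>
Authentication-Results: mx.example.net; spf=pass smtp.mailfrom=yahoo.com; dkim=pass header.d=yahoo.com
From: "Central Bank of Nigeria" <mikerage2q2@yahoo.com>
Reply-To: cbn-claims@outlook.com
Subject: TREAT URGENTLY - release of your $3.5m
Content-Type: text/plain; charset=utf-8

Dear beloved, you must respond within 24 hours or the funds are lost.
"""

SPOOFED = """\
Return-Path: <bounce@random.example>
Authentication-Results: mx.example.net; spf=fail smtp.mailfrom=random.example; dkim=none
From: "Bankname Security" <customer_support@bankname.com>
Subject: Your account has been suspended
Content-Type: text/plain; charset=utf-8

Log in immediately via the link below to restore access.
"""

LEGIT = """\
Return-Path: <bounces@bankname.com>
Authentication-Results: mx.example.net; spf=pass smtp.mailfrom=bankname.com; dkim=pass header.d=bankname.com
From: "Bankname Customer Support" <customer_support@bankname.com>
Subject: Your monthly statement is ready
Content-Type: text/plain; charset=utf-8

Your statement for the account ending 1234 is available in online banking.
"""


def auth_results(msg) -> dict:
    """Read the spf= and dkim= outcomes the receiving server recorded."""
    header = str(msg.get("Authentication-Results", ""))
    results = {}
    for method in ("spf", "dkim"):
        m = re.search(rf"\b{method}=(\w+)", header)
        results[method] = m.group(1).lower() if m else "none"
    return results


def triage(raw: str) -> dict:
    """Apply the checklist to one raw message and return the red flags found."""
    msg = message_from_string(raw, policy=policy.default)
    name, addr = parseaddr(str(msg["From"]))
    from_domain = addr.rpartition("@")[2].lower()
    reply_domain = parseaddr(str(msg.get("Reply-To", "")))[1].rpartition("@")[2].lower()
    flags = []

    # Strange address: an organisation writing from a personal webmail account.
    if from_domain in FREEMAIL and any(w in name.lower() for w in ORG_WORDS):
        flags.append(f"display name '{name}' but free webmail sender {from_domain}")

    # Replies silently routed somewhere other than the apparent sender.
    if reply_domain and reply_domain != from_domain:
        flags.append(f"Reply-To domain {reply_domain} differs from From domain {from_domain}")

    # A familiar From address only counts if the receiving server could authenticate it.
    auth = auth_results(msg)
    if auth["spf"] != "pass" or auth["dkim"] != "pass":
        flags.append(f"sender not authenticated (spf={auth['spf']}, dkim={auth['dkim']})")

    # Urgency / calls to action in the subject or body.
    text = f"{msg.get('Subject', '')}\n{msg.get_content()}"
    hits = sorted({m.group(0).lower() for m in URGENCY.finditer(text)})
    if hits:
        flags.append("urgency language: " + ", ".join(hits))

    return {"from": addr, "display_name": name, "flags": flags}


if __name__ == "__main__":
    for label, raw in (("scam", SCAM), ("spoofed", SPOOFED), ("legit", LEGIT)):
        print(label, triage(raw))
```

Note what the first result does not say: SPF and DKIM both pass for the “Central Bank of Nigeria” message, because it really was sent from a Yahoo account. Authentication proves the sender controls the address, not that the address belongs to whoever the display name claims. The spoofed bank message shows the opposite failure: a plausible address that the receiving server could not authenticate.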

Some examples

So now you know what to look out for, let’s take a look at some scam and phishing messages that I have received (and kept, for my own amusement).

Number One - Obviously Fake

People often joke about receiving an email from a “Nigerian Prince” offering them a fortune. Unfortunately the prince didn’t contact me directly, but the “Central Bank of Nigeria (CBN)” did:

A screenshot of a scam email

Image source - Me

The above email is a perfect example of a phishing email that ticks every box on the list above:

  • Random grammar errors, capital letters and punctuation
  • I am certain the executive governor of a bank wouldn’t use the email address mikerage2q2@yahoo.com
  • A clear “Treat urgently” at the bottom
  • It was definitely unexpected when they told me I am owed $3.5m

Number Two - Slightly More Convincing (Still fake though!)

For this one, I have chosen an email from “PayPal”:

A screenshot of a scam invoice from 'PayPal'

Image source - Me

This one employs a different tactic from the first. Instead of preying on greed (someone trying to claim money that isn’t theirs), it uses fear. It wants you to panic, call their “support number” and hand over your details. But again, an odd sender address and strange grammar are a big giveaway. For a great example of what they do once they have you on the phone, check out Jim Browning’s YouTube channel. He “scams the scammers” by disrupting them and wasting their time.

Number Three - Pretty Convincing

Can you tell the difference between https://google.com and https://gооglе.соm? No? Paste them both into your browser. One takes you here:

A screenshot of the legitimate google.com domain

Image source - Me

And the other, here:

A screenshot of a fake google.com domain

Image source - Me

This works because some of the letters in the second address are not Latin letters at all: the o, e and c are Cyrillic characters that look identical to their Latin counterparts in most fonts, so the browser resolves a completely different domain. A threat actor could register that domain, host a clone of the Google login page and start collecting credentials. Most modern browsers defend against this by showing a domain that mixes scripts in its encoded Punycode form (labels beginning “xn--”) in the address bar rather than as the lookalike letters, so an “xn--” address where you expected a familiar name is itself a warning sign. These are hard to spot by eye, but as long as you follow the steps below you can keep yourself as secure as possible.
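As an added example (not from the original post), the following script does by machine what the eye cannot: it converts the host to the Punycode form a browser would display, checks whether any single label mixes Latin with another script, and maps lookalike Cyrillic letters back to the Latin letters they resemble to see whether the result collides with a domain you trust. The trusted-domain list and the CONFUSABLES table are small hand-made assumptions for this example; a production check would use Unicode’s confusables.txt. The fake address is built from explicit Cyrillic code points so the lookalike is unambiguous in source.

```python
import unicodedata
from urllib.parse import urlsplit

# Domains the reader actually means to visit; an assumption made for this example.
TRUSTED = {"google.com", "paypal.com"}

# Cyrillic letters that render identically to Latin ones in most fonts.
# Hand-picked subset; real detectors use Unicode's confusables.txt.
CONFUSABLES = {
    "\u0430": "a", "\u0441": "c", "\u0435": "e", "\u043e": "o", "\u0440": "p",
    "\u0445": "x", "\u0443": "y", "\u0456": "i", "\u0458": "j", "\u0455": "s",
}


def hostname(url: str) -> str:
    """Extract the lower-cased host from a URL (scheme optional)."""
    if "//" not in url:
        url = "//" + url
    return (urlsplit(url).hostname or "").rstrip(".")


def scripts(label: str) -> set:
    """Unicode script families of the letters in one DNS label, e.g. {'LATIN', 'CYRILLIC'}."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0] for ch in label if ch.isalpha()}


def skeleton(host: str) -> str:
    """Replace every confusable letter with the Latin letter it looks like."""
    return "".join(CONFUSABLES.get(ch, ch) for ch in host)


def punycode(host: str) -> str:
    """The form a browser shows for a mixed-script IDN: ASCII labels starting xn--."""
    return host.encode("idna").decode("ascii")


def check_url(url: str) -> dict:
    """Classify a URL's host as trusted, a homograph of a trusted host, mixed-script, or unknown."""
    host = hostname(url)
    mixed = any(len(scripts(label)) > 1 for label in host.split("."))
    if host in TRUSTED:
        verdict = "trusted"
    elif skeleton(host) in TRUSTED:
        verdict = "homograph"       # renders like a trusted domain but is a different one
    elif mixed:
        verdict = "mixed-script"    # Latin plus another script in one label: rarely legitimate
    else:
        verdict = "unknown"
    return {"host": host, "as_browser_shows": punycode(host), "mixed_script": mixed, "verdict": verdict}


# The two addresses from the post: the real one and the lookalike with Cyrillic o, e and c.
REAL = "https://google.com"
FAKE = "https://g\u043e\u043egl\u0435.\u0441\u043em"

if __name__ == "__main__":
    for url in (REAL, FAKE):
        print(check_url(url))
```

Run it and the fake host comes back with the verdict “homograph”, `mixed_script` set, and an `as_browser_shows` value beginning “xn--”, which is what a cautious browser would have put in the address bar instead of the convincing lookalike.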

How to Keep Yourself Safe

To round off this post, here are three things you can do to keep yourself safe from phishing emails:

  1. Stay Alert - When you receive an email that doesn’t seem right, pause and think. Run through the checklist above, and make sure the email is both expected and legitimate.

  2. Enable Multi Factor Authentication (MFA) - This makes it much harder for an attacker to get into your account even if they have your password. For every account that offers it, go into the settings and enable 2FA/MFA. You will then be sent a text or asked for a code from an authenticator app when you sign in, to confirm you are who you say you are. Where you have the choice, prefer an authenticator app or a hardware security key over text messages, and never enter a code on a page you reached from a link in an email.

  3. Stay Educated - Every now and then, read up on the latest cyber security news and find out what methods attackers are using against the public. This will help you understand how they work and how to secure your accounts.

Thanks for reading. If you have any questions, or any interesting scam emails you’d like to share, feel free to get in touch here.

“The Special Investigative Panel on Abandoned Funds have expressed their displeasure over that endless transaction you have entered with those Banks with constant demand for more money, yet without positive conclusion”