Malicious email: How to identify phishing scams, spam and malware

How much of your email is real business email?

If you’re like most business professionals, you spend a lot of time keeping unwanted emails out of your inbox, while trying not to miss any messages from clients, colleagues and prospects.

You may use various tools like:

• Captcha features on website contact forms
• Sanebox, Unroll.me and other email sorting software applications
• Microsoft 365 and Google Suite, which come with built-in malware detection
• Firewalls and anti-virus solutions
• Two-factor authentication

But no matter how many tools you have, educating your employees on how to identify malicious email is one of most important things you can do to enforce data security.

5 Basic email protection steps

1. Don’t put your password on a sticky note on your computer monitor
2. Don’t reuse the same (or similar) passwords, especially for email and other sensitive logins
3. Give every employee and contractor their own credentials that can be revoked by an admin
4. Use a professional business email system like Microsoft 365 or G-Suite, not consumer-oriented email platforms like gmail and hotmail, etc.
5. Keep your operating system and anti-virus software up-to-date

3 Intermediate email protection steps

Our intuition can help us sense when an email “isn’t quite right.” While it would be wonderful to have a distant relative in a foreign country leave us millions of dollars, their attorney isn’t likely to contact us via email. Detecting fake and phishing email is getting harder as cyber criminals become more sophisticated.

As you go through your inbox, do a quick gut-check of each email message to see if it feels consistent with the sender’s previous correspondence. Look for these red flags that are commonly found in spam, phishing, and malware emails.

1. Check the email domain name

The reply address should be next to the sender’s name.

• If it is an external sender, the full email address will be displayed in Outlook
• For mobile users, tap the sender’s name to see the full address

2. Check where links go

Hover (don’t click) your mouse cursor over any links contained within the email in order to validate the link target and intent.

• Address paths will appear at the bottom of Outlook
• You can also right-click, copy hyperlink, and then paste into Word or Notepad (or other text editor) to see the full address

If the domain of the URL (immediately after the http or https) doesn’t seem consistent with the sender’s email domain or takes to a foreign address (.UK, .RU, etc), then be suspicious.

Avoid clicking on any links, opening any attachments, or replying to scam solicitations unless you are absolutely sure the email can be trusted.

3. Check for content legit-ness

Are there a bunch of spelling or grammatical errors? Does the request or email seem reasonable? Are they asking for personal information, like passwords or a social security number? When in doubt, verify. Let’s say you receive an email about a “questionable purchase”, rather than clicking on the link, open a new browser tab and go directly to the Paypal, Amazon or bank website. If a friend asks you for money, call them on the phone.

If you have doubts about the legitimacy of any email, please forward it to us for evaluation.

Advanced email protection steps

As IT professionals, we have access to a wide array of data security tools we can use to thwart spammers and minimize cybersecurity threats. The best way to determine which solution(s) are right for you is to book a 30-minute consultation with one of our team members.

Commonly asked questions

What should I do with the suspected malicious email?

According to Malware Bytes blog about how to spot the 5 email red flags, the best and easiest solution is to simply delete the email. You can report the email to your system administrator or use the Outlook /Google “report spam” button, but don’t use the sender’s “unsubscribe” tool. This only confirms your address is valid and can be targeted again in the future.

Finally, many banks and other financial companies have a special email address where you can send emails that you suspect to be phishing attempts. They will thank you if you are right about your suspicion. If you’re wrong and it is from them, they might consider changing their email practices to be less spammy.

Legitimate email senders will never ask for your password or sensitive personal information.

What can email malware do on your computer?

Most malware email attachments include code or exploits to cause your computer to download more malware from the internet. These email attachments are often small, customized, and not widely spread making them hard to detect by antivirus software.

In recent years, email malware is often ransomware which can delete or encrypt your files and backups even if they are stored in the cloud or on a server. Ransomware senders cannot be trusted to decrypt your files even if you pay and may spread to other computers on the network. The FBI does not support paying the ransom.

Email malware can also steal data from your computer such as passwords, bank logins, PayPal logins, other logins, or files, take full control over your computer.

What should you do if you’ve clicked a suspicious link?

CALL US or your IT administrator ASAP for advice about next steps. Change your passwords immediately. If you suspect you have a virus, disconnect your computer from the internet immediately. The faster you take action, the fewer other people will be impacted.

Be proactive in preventing malware

In addition to the tips here, our team of IT professionals can help you avoid malware problems by:

• Creating strong IT policies and procedures
• Keeping your business technology up-to-date
• Implementing and maintaining Microsoft 365 and Windows 10 or 11 which have built-in enterprise-grade data security features
• Providing ongoing IT support and IT consulting services

Give us a call at 586.263.1775 to see how we can help you.