Fishing is Good, Phishing is Bad

On Tuesday August 21st I was invited to talk with the host of Indianapolis WishTV News at 11, Phil Sanchez about phishing emails and some common scam emails that people frequently receive. 

See the segment here:

* Video and Images courtesy of WishTV

Some tips and notes to consider when you’re faced with an email that could be phishing or a scam:

  • Look at the from address – does the domain it is being sent from make sense for that organization (i.e. Marketing@email.mybank.com vs marketing@Gmail/outlook/yahoo.com)
  • Look for the sense of urgency in the message (If you didn’t do this action login here now to tell us) – Most financial services companies will not send a direct login link
  • It’s triggering a strong emotional response hoping to get you to ‘Act now” without thinking – large payment to an unknown company or person, request for access to your account for obscure reasons, or via a channel you don’t normally use with that organization (i.e. SMS vs email).  

There are a number of technical steps that organizations can take to ensure that the mail you receive was sent from them starting with Email Authentication; SPF, DKIM and DMARC. These should make it significanly more complicated to directly spoof their domains, making it easier for consumer mailbox providers to identify fake domains and thus not even deliver fraudulent messages to consumers.

Want to understand more about deliverability and email authentication take a look at the 250ok Deliverability Guide to learn more.

Author: Matt V - @emailkarma

Share This Post On

Submit a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.