TIPS & TRICKS
Four Email Warning Signs
According to Fusepoint Managed Services, the number of malicious emails being distributed by hackers is on the increase, preying on unsuspecting Canadians to provide personal and private data. Rather than attempting to hack into your computer, the attacker uses social engineering (trying to get users to divulge personal information) and trick you into running attached files.
Fusepoint Security Analyst Justin Folkerts lists four main ways users can quickly identify a malicious email from a legitimate one:
- The message does not have your name in it. It says “Hello!” not “Hello Justin!” All legitimate corporate sites will personalize a message. If the body doesn’t contain your name, then the message is likely fraudulent and should be deleted.
- The “sender” address is confusing or mixed, and the name and the email do not match. For example, it might be identified as “From: Adam Goodman [mailto:email@example.com] .” If the name and address don’t match, delete the email. Also, if the sending email address, for example, is a fusepoint.com email address and the name is someone you don’t recognize, delete it. (If you know someone from the company listed in the email address, contact them to verify the sender. Their company will want to know, as well.)
- With zip file attachments, companies like FedEx, Northwest Airlines and ecards will never send you a file attachment, especially a ZIP file. Legitimate sites will always send you an email, directing you to their site via hyperlinks.
- Grammar, spelling and language usage are easy giveaways. An official communication from a large corporation will be spell-checked, would not be compositionally incorrect and would use correct English. Any email with an attachment from a ”big name” company which is chock full of spelling and grammatical mistakes is most likely fraudulent and should be deleted.
Briana D’Archi, Environics Communications