Phishing emails are most commonly sent in the name of banks and insurance companies. Even with the current level of technology, neither banks nor we can prevent this phenomenon.
Damage can only be avoided by being careful, as phishing emails can be identified beyond doubt by following the steps below.
Basic steps for email analysis:
1.) Check the sender
2.) Check the email content
3.) Check the embedded links in the email
Using today's phishing email as an example, we will examine each step:
1.) Check the email sender. Our company only sends emails from the email address email@example.com. If it is not from this email address, delete the email without question.
It is not enough to just look at it. You must click on it or hover the mouse over it to reveal the actual sender's email address. In today's phishing email, the actual sender's email addresses were "firstname.lastname@example.org", "email@example.com", "firstname.lastname@example.org", "email@example.com", etc. These are obviously not our company's contact email addresses.
- Do not confuse the sender with the recipient! In today's phishing email, the recipient field did indeed contain firstname.lastname@example.org as deception, but the sender was always a different valid email address.
- Always check the actual email address of the sender! Email programs usually display the sender's name by default. Click or hover the mouse over it to reveal the actual email address behind it! Attention! The sender's name may also contain an at sign! So always click on it, even if you see a seemingly real email address at first glance!
2.) Our company includes in every invoice email a clear description of the service for which we request an anniversary fee, with the specific service name and the exact payment period. If this is not included, delete the email.
In today's phishing email, it said:
"This notice is to inform you that your domain name has been suspended. The reason for the suspension is that our billing system detected that your domain name has expired and has not been renewed despite our reminders."
Neither the exact service to be paid nor the expiration date is indicated.
3.) Check the link to the website in the email. Hover over it with your mouse and wait for the full link to appear next to the cursor. If it is not https://mediacenter.hu/, delete the email!
In today's scam email, the link was:
These rules can be applied to any email. When dealing with a bank or an insurance company, you should also check the authenticity of the email in the same way.
Please be careful and let's avoid trouble together!