Ever gotten an email from a reputable company like Apple, Verizon, or Coinbase, but something feels a bit off about it?
Introduction
Most of us are aware, to some extent, of the danger posed by suspicious emails. But if your inbox is like mine, with 20–30 new emails arriving daily, finding enough time to skim them all, much less tell which ones are suspect, can be overwhelming. Seems absurd.
How to ID Spam/Phishing Email?
Maybe, like I once did, you naïvely assume these emails all magically end up in the Junk/Spam folder. But can we really trust our spam filter to catch 'em all? (even Ash didn't pull that one off) Perhaps try the latest freemium plugin instead? As if we can even afford that after rent and bills, right?
Check the Preview
Ironically, I received an email earlier today that managed to bypass my spam filter, security add-ons, and custom rules and somehow landed in my Focused Inbox (equivalent to 'Important' in Gmail). But as soon as I glanced at the preview, red flags started to pop up, including sloppy font styling, a vague subject line, and a deadline in mere hours. Let's take a look.
At this point, in most cases, we already have sufficient circumstantial evidence to justify deleting the email without even opening it. Why waste time entertaining spam or potential malware?
Report the email as junk so that anything from that sender will be filtered automatically; then, delete it to avoid accidentally clicking on it later.
Check the Body
But let's assume, for the sake of argument, that we already opened the email. Can we expect to see additional new red flags or just variants of those previously covered? Let's see what else we should be aware of.
After the FOMO pitch, fake Apple Music icon, and wildly inaccurate company details in the footer, I am positive Apple did not send this email. A reputable company would never be so sloppy. That being said, now I'm curious about the demise someone evidently had in mind for me. What if, half-awake or intoxicated, I had instead chosen to Renew my subscription?
Why ID Spam/Phishing Email?
Using extreme caution to avoid actually clicking the link, I combed through the original message using source view, located the embedded URL, and submitted it to VirusTotal for analysis.
Disclaimer: DO NOT interact with suspected spam or malicious content unless you understand the risks and have a valid reason for doing so.
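The source-view step described above can be done without rendering the message or touching a link. The following is an added example, not code from this article: it parses a saved raw message, lists where each link really points next to the text it displays, and defangs the URL for pasting into a scanner or ticket. The sample message, its domains, and the names `LinkCollector`, `defang` and `audit_links` are constructed for illustration.

```python
from email import message_from_string, policy
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample message: every address and domain here is a placeholder.
RAW = """\
From: "Apple Music" <billing@mailer.example.net>
Subject: Your subscription
Content-Type: text/html; charset="utf-8"

<html><body><p>Your subscription expires in 3 hours.</p>
<a href="http://bearings-dealer.example.in/renew?id=1">Renew</a>
<a href="https://apple.com.billing.example/login">apple.com</a>
<a href="https://www.apple.com/legal/">Terms</a>
</body></html>
"""

class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> tag without fetching anything."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def defang(url):
    """Make a URL non-clickable before pasting it into notes or a ticket."""
    return url.replace("http", "hxxp", 1).replace(".", "[.]")

def audit_links(raw, expected_domain):
    """Return (defanged_url, host, visible_text, off_domain) for each link."""
    body = message_from_string(raw, policy=policy.default).get_body(("html",))
    collector = LinkCollector()
    collector.feed(body.get_content())
    rows = []
    for href, text in collector.links:
        host = (urlsplit(href).hostname or "").lower()
        on_domain = host == expected_domain or host.endswith("." + expected_domain)
        rows.append((defang(href), host, text, not on_domain))
    return rows
```

Calling `audit_links(RAW, "apple.com")` flags the first two links as off-domain, including the one whose visible text and hostname merely begin with `apple.com`; the host is compared by suffix, so a brand name elsewhere in the URL does not pass.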
Malicious Intent
The verdict was returned in under a minute, with vendor flags thrown for malicious content and phishing.
Hostile Takeovers
Chaos ensues as the malware deletes the trusted/disallowed cert lists. Clearly, the rabbit hole went very deep, far beyond my expectations.
Global Threat Actors
Lastly, note the actual destination of that link from the email. Far removed from anything related to Apple, it belongs to a ball bearing dealer in India.
Summary
Okay, and on that note, let's recap…
Next time those unread emails start piling up, apply what we learned today. Scan the previews, look for red flags, and deal with any obvious spam first.
Red Flags (Email Preview)
🚩- Visible changes in font size and thickness
🚩- Unclear or vague origin and subject line
🚩- Deadline in a few hours to trigger a rushed response
Now you can open and read the emails that appear legitimate, but stay vigilant, checking for suspicious details and not clicking on any links.
Red Flags (Email Body)
🚩- Fear of Missing Out (FOMO) emphasized in the message body
🚩- Icons or logos that appear fuzzy, altered, or modified
🚩- Inaccurate company name, address, or contact info
Finally, trust but verify. Except for actively generated security verification emails, use a website or app to log in directly, not an email link. At this point, you can both validate the email and conduct any necessary business.
At the risk of sounding cliché, better to be safe than sorry!
-killshot13
Don't forget to 💖 this article and leave a 🗨️; I look forward to reading your thoughts and opinions in the comments below.
Image Credit: "@theRealAppleMusic", adapted from "UnKnown Caller" by Rick Patin, used under CC BY 4.0. "@theRealAppleMusic" is licensed under CC BY 4.0 by Michael R.




