Phishing emails are created to look like emails from financial institutions, government agencies, or ecommerce sites. Scammers design these emails...
Money or Malware? Beware of Malicious Email
Did you get an email with a "remittance invoice" you weren't expecting? Be careful. It could be a malicious email. Learn how to spot them.
(I know I know, who doesn’t want free money?)
The promise of money comes into your email as a “remittance invoice.”
This can be nerve racking for anyone, especially if you work with sensitive information.
Watching Out For Malicious Email
Here are a few things to look out for if you think you may have received one of these fake invoices:
- Suspicious File Name: The name of the file is “REMMITANCE INVOICE.pdf” Once opened, the user is directed to open a .docx file named “has been verified. However PDF, Jpeg, xlsx, .docx.” The file name makes it appear that Adobe has verified the file and deemed it safe. You should be very concerned if you see this dialog box when you try to open the file:
- Suspicious email subject: Another indicator that you may have received a spam email is the term “Remittance Invoice.” If this isn’t a common subject for an invoice you typically receive, it’s more than likely malicious.
- Un-Trusted Sender: If the sender isn’t a familiar contact, chances are it’s not a legitimate invoice and should be reported to your IT department.
Other Ways to Spot a Malicious Email
- Verify the sender
- Check for spelling and grammatical errors
- Hover over the links and check the web destination
- Check the attachment’s file extensions
1. Verify the Sender
Email scammers are able to disguise their strange email address with a normal “sender” name. The sender names appear in bold in your inbox. To verify the sender’s actual address, open the email and look next to the sender’s name.
It looks like this: Sender’s Name <email@example.com>. Read the address closely and literally mind your p’s and q’s. For example, google.com and gooqle.com look very similar at a glance. A hacker may change an address by just one letter.
2. Check For Spelling and Grammatical Errors
Phishing scams can originate from non-English speaking areas. If you get an email and it sounds like broken English, there is a high potential for phishing. The same goes for spelling mistakes. The chances of your bank or the IRS sending you an email with a typo are very small.
3. Hover Over the Links and Check the Web Destination
Before you click anything in an email, move your mouse over the link. Look at the bottom-left corner of your browser window. You will see the web address the link will take you to. Read it very carefully to ensure it’s a site you trust.
4. Check the Attachment’s File Extensions
File extensions are the few characters you see at the end of a digital file. Common ones include .png, .pdf, .docx, and .mp3. The one you need to watch for is .exe. These files contain “executable programs” with the ability to infect your system with malware and other computer viruses.
Need Help Keeping Your Business Safe From Malicious Email Schemes?
If you need assistance installing antivirus software or training your team to spot dangerous malicious email, contact us at firstname.lastname@example.org. We offer a free consultation for managed IT and cybersecurity services.