The first business task each day is to quickly browse through email messages to find out what is most urgent to work on for the day. Today while browsing through my email the following message appeared:
The most suspicious thing I noticed was the attached Document.html file, clearly something that the sender wants me to double-click on to open up. Instead of falling for that enticing trap I noted that the message was sent at 1:20AM, which is not when a real person sends out email. The next suspicious thing was the sender’s name: Payable | Authorization. A real sender has a real name, like, “Bob Smith”.
My final clue that this was in fact a phishing email not to be trusted was the senders email address: firstname.lastname@example.org
Another telltale sign that this is a phishing email is the broken English grammar, lack of a company logo, email, address, etc.
Be wary of just clicking any attached document in an email, as it may be an attempt to install a virus on your computer or simply direct you to a website that injects malicious code on your computer. Just look carefully in each email message:
- From name – someone that you know
- From email – a known company that you do business with
- Time – sent during business hours
- Grammer – perfect English
- Logo – the official company logo
- Identity – company name, address, phone