How to tell if an email is malicious spam
Today the following email came through my theoretically spam-protected inbox:
Initially I assumed it was SPAM, but I took another look.
This email is:
- Unprofessional in appearance
- Has no branding
- Basic links
- No personalisation
These are all red flags for malicious intent.
Was this email SPAM?
No! Incredibly, this wasn’t a SPAM email despite all evidence to the contrary. So we thought it would be helpful to provide some quick and basic tips for checking if an email contains malicious SPAM before you immediately delete it or click on any potentially dangerous links.
Quick tips to check if an email contains malicious SPAM:
1. Google dbschenker.com (see the sender is @dbschenker.com)
If you Google the email address or domain of the email sender you can see if there is any information about them. In our case it took us to a legitimate-looking website for logistics and shipping, a pretty strong sign of a credible sender.
2. Check your links – before you click them!
The first link in our email was http://www.startrack.com.au. Pay special, close attention to the first part of the domain name.
If it had been an alternative domain like http://www.autosender.startrack.com.au, for example, it would be less clear. But, the top level domain was https://www.startrack.com.au so it’s safer to assume a legitimate website.
3. Is the email relevant to you?
In this case I had ordered something from Dell and this email was confirming a delivery for a Dell product, so it made sense. If you receive an email regarding an item you haven’t ordered, that’s a red flag.
With these 3 clues I decided it was likely a legitimate email. But I decided to be overly cautious and click the link on a phone instead of a desktop. Phones are far less susceptible to traditional virus infections than your average PC (Apple or Android) and doing so confirmed the link and email were legitimate.
Did I need to be suspicious of a basic email?
Yes, being suspicious of ugly looking emails is good! Always err on the side of caution even if your organisation has firewalls and security systems in place to protect against a traditional malicious link attack, it’s never a guarantee.
So, be aware, look for the signs and if in doubt ask your IT people. Or, like me, if you are 99% sure it’s O.K, maybe test it on your phone first rather than put your corporate network at risk.
For more info on how to stop cyber-attacks through malicious email SPAM succeeding talk to your IT provider today.
« Back to News