The EASY Way

Phishing is a massively prevalent problem on the Internet these days. If we had to choose a way to get access to your systems or data a phishing attack would probably be our first choice.

While researching phishing recently for a cybercrime event we were hosting, we hit upon a short and simple process that is very effective at identifying phishing emails.

We're calling it The EASY Way. Does that mean it's easy to identify a phishing email? No, to be honest, it's still tough but EASY is "easy" to remember and it will give you a good chance.

The EASY Way

Answer these four questions about an email you receive.

E - Were you EXPECTING it?

Phishing emails come out of the blue with seemingly unusual requests. Like "Please review the attached". Were you expecting to review something? Does it seem odd?

A - Does it require ACTION?

The phisher is going to require you to perform some kind of action. This will almost certainly involve visiting a web link or opening an attachment.

S - Does it make SENSE?

This covers a lot of sins but examples are poor spelling/grammar, a generic email address such as @gmail.com, an unlikely scenario - "African Prince needs to transfer you millions of pounds".

Y - Is it addressed to YOU?

One of the most common traits is a genericly addressed email. Now, when you get to spear phishing this can be less likely but getting an email to "Dear Customer" from your bank is very unlikely.

Lastly:

If you're not sure, just IGNORE

If the email appears to have come from a colleague then get in touch with them, maybe by phone or walk to their desk, and ask them if it was legit.

If something feels dodgy and you're not sure, just ignore it! What's the worst that will happen if it was legitimate? There's always another way to deal with the apparent problem without risking the security of your computer.

If you want something to print out and put on the wall next to the water cooler, try our handy anti-phishing flyer.

There's much more to come on The EASY Way so consider signing up for our newsletter (big box on the right hand side) and we'll let you know when new stuff becomes available.

Author image

Marc Wickenden

Technical Director at 4ARMED, you can blame him for our awesome technical skills and business-led solutions. You can tweet him at @marcwickenden.

Related Blog Articles