Malicious parties are constantly trying to trick people in order to make some personal or financial gain. They spent quite a bit of time creating fake websites and spoofing emails in order to trick you into giving them information. This could be your payment information, credentials or other personal details that they can either use or sell.
With all this going on, how can you be sure that those emails and links are genuine?
You might think that you need fancy security systems such as O365 ATP or Symantec Messagelabs in order to protect against these types of attacks. Although they might prevent the majority of these threats, they don’t block them all. Also, If we are talking about non enterprise emails, then you are probably not going to fork out for a big fancy security system just for your gmail account.
Google, Microsoft and other email providers obviously have their own security systems behind the scenes. This again will help stop the majority of those nasty emails but won’t catch them all. If it looks too good, it probably is but just in case you are wanting to click on that link, here are a few things you can do in order to check if it’s safe.
I’m not going to go into detail on how to spot the signs of a phish. There are plenty of sites have done it already. Some of these sites are below:
- https://www.equifax.co.uk/resources/identity_protection/how-to-spot-a-phishing-email.html
- https://www.carbonite.com/blog/article/2018/10/how-to-spot-a-phishing-email
- https://www.which.co.uk/consumer-rights/advice/how-to-spot-an-email-scam
I will add something on top of these useful links though. If you do figure out where the email has come from, there is a useful site you can use to check it’s status. It’s called Trumail and you can simply type in the email address and search. This will tell you information about the email account such as if it’s a disposable mailbox.
These are great tips to see if the email is genuine but what about if all the signs point to yes and you still have doubts. Well before you click the link, here’s what you can do.
You first need to copy the address the link is directing you too. Be careful when doing this as you might accidentally click the link. To copy the link, right click the URL (Link) and select ‘copy Hyperlink’. Once you have this, fire up a browser and go to https://urlscan.io/
This is an awesome site which will basically open the URL for you. It will also show you some handy information so that you can see if it’s safe or not. It will also give you a screenshot of how the site loads. This will allow you to see for yourself if it looks genuine or not.
Aside from this, you can also check the URL against Virus Total. This is well known site in which security researchers and professional use to submit new threats. Simply paste the site under the URL tab and it will let you know whether it’s malicious or benign. It also have a Community tab which is worth checking out.
There is one more site that I wanted to share with you as sometimes the URL is more than just a site.
If the URL is linked to downloading a file, it will most likely have a file format at the end of it, such as https://site.com/media/fakefile.zip.
Although the sites mentioned above are really useful, they won’t be able to open the file for you. For this, you need a site like Hybrid-Analysis. This site will spin up the file within it’s Sandbox environment. You might have to wait a few minutes but once it’s finished, you will get a lot of information back. With this, you will be able to see if the file is malicious and if it is, what it does. This is a very powerful and handy site to use for personal or professional use.
These are just some of the techniques and tools you can use in order to test if that email, link or attachment is malicious. Remember, hackers are getting smarter so don’t trust everything at first glance when it comes to sharing personal details. If you weren’t expecting that payment receipt or simply don’t trust the email, report or delete it.
amoran.io 
Leave a Reply