Look out for these 5 red flags in your emails to protect your and your business against Business Email Compromise (BEC).
Suspicious Email Address of the Sender
The email address of the sender(s) can mimic legitimate businesses. Threat actors often leverage email addresses that resemble reputable organizations but alter or omit a few letters and numbers.
Generic Greetings and Signatures
Lack of contact information in an email signature block, or generic greetings such as "Sir/Ma’am" or "Dear Valued Customer" are strong indicators of a phishing email.
Misspelling and Layout
Odd sentence structure, misspellings, poor grammar, and inconsistent formatting are strong indicators of a potential phishing attempt.
Spoofed Websites and Hyperlinks
When hovering a cursor over links in the body of an email, if links do not match, the link may be spoofed. Malicious variations from legitimate domains leverage different spellings or domains such as .net, vs .com. Other tactics include the usage of URL shortening services to conceal the true destination of links.
Unsolicited emails which request users to open or download attachments are common delivery mechanisms for malware.