Think You're Not a Target? All It Takes is an Email Inbox


The vast majority of security breaches involve malicious attacks against employees through fraudulent or spoofed emails. Learning the Red Flags of these emails may help prevent your organization from a significant financial loss caused by a simple human error.


Email Sender: If the Email sender is unknown to you or has a suspicious domain address, be cautious and question it's authenticity. Specifically if it's not from someone you regularly transact with and they are request that you provide additional information, click on links, or open attachments. If the message includes random groups of people from an unknown sender, this is another indication of a potential phishing email.

Hyperlinks and Attachments: If you receive a suspicious email from an unknown sender, do not click on included hyperlinks or attachments without properly vetting the message. Most Phishing and Social Engineering events occur because an employee clicked a hyperlink or opened an attachment from a fraudulent email. An easy way to spot a spoofed hyperlink is to hover your mouse over it and review the web address in your address bar for authenticity. Spoofed links may carry different hyperlink descriptions, slightly misspelled web addresses, or long links with no further information. It just takes one character to be different for the address to be fraudulent. To spot suspicious attachments, pay attention to the file type and the content concerning the email. If the file type is not familiar and has no relationship to the content, it's likely fraudulent.

Email Content: There are key content indicators that can help identify fraudulent emails.

  • Is the sender asking you to open a link or attachment to avoid a negative consequence or gain something of value?
  • Does the message have bad grammar, spelling errors, or just seem out of the ordinary?
  • Is the message asking me to look at embarrassing or compromising pictures of myself or those close to me?
  • Do you have an uncomfortable (gut) feeling about the senders request?

All of the above a indicators of a fraudulent email.

Authentication of Funds Transfer: Threat actors have become more sophisticated in their social engineering attacks, which has made spotting fraudulent emails more difficult. Criminals may gain access to the email accounts of high level employees and monitor their messages to learn personal information and characteristics specific to the sender, attempting to validate funds transfer requests through email. They may include details that only the sender and receiver know, hoping to remove any authentication. To prevent these types of attacks it's crucial that an authentication protocol be put in place to validate all transaction. The simplest authentication involves a phone call or in in person interaction with the sender validating the transaction request.

Multi-Factor Authentication and Office 365: The majority of successful phishing attempts involved accessing a Microsoft 365 account, where a message tricked users into entering Microsoft 365 credentials. The best way to combat this is by utilizing some form of Multi-Factor Authentication, where an additional password or key is requested after logging into 365 or any other critical network. Using some form of MFA when accessing networks can greatly reduce your risk to attacks, even if credentials are obtained. When accessing networks remotely, MFA Multi-Factor Authentication should always be required to access any sensitive data. There are many free MFA tools provided online to the public, including a Microsoft mobile application specific to Office 365.

This article is made available for informational purposes and is not intended to be a substitute for professional or legal advice. No attorney client relationship is formed or implied between you and the authors(s) or Cyber Armada Insurance.

Topics: Malware Phishing Cyber Attack Coffee Break

Cyber Armada Team
Posted by Cyber Armada Team on Feb 3, 2020

Apply for Cyber Insurance Online

Answer a few questions online and Cyber Armada will design a cyber insurance policy tailored to your particular needs.

Apply Online
Apply for Cyber Insurance
Schedule an appointment with Cyber Armada

Can we talk?

We're ready to talk when you are. You can schedule an appointment to speak with a representative from Cyber Armada when it is most convenient for you. Whenever possible we use online meetings to increase productivity and increase the amount of time we can spend with you. We use Zoom Meetings as our preferred video conferencing platform.

Schedule Appointment