How to Identify and Handle Malicious Messages

Every person in the world who is on the grid via an email address, mobile device, tablet, PC, or laptop receives spam. It has become the norm, and there are programs and software that block a vast majority of these fake messages, but some still seep in. This raises the question: how can you differentiate a commercial spam message from malicious emails that can cause life-changing problems?

The unsolicited commercial messages are typically simple to identify, report to the email host, and discard as trash. Unfortunately, dangerous spam may not be as simple to process. Taking this question a step further, how can you determine if a message contains a malicious attachment or link, or is meant to scam you out of sensitive personal information or money? If you do discover malicious messages, what is the next step? Does reporting and sending the email to the trash do anything?

Red Flags for Identifying Malicious Messages

Being aware of what you are up against helps you control what to do with the various types of spam messages you receive. To help, the following guidelines list red flags for spotting malicious messages:

The Sender Address is Inaccurate

When first opening the email, look at the sender’s address to ensure it matches the sender’s name and that the domain name of the company is accurate. To do this, ensure your mail client displays the address and not just the display name. Look at the address since spammers have many tricks up their sleeves. For instance:

Santander SM <service@santander-sm.com>

You would think that this is a real address. However, the bank’s actual domain is Santander.com.

The Sender Does Not Know the Address

Is your name spelled correctly in the message, and are you addressed appropriately by the sender? Does the signature match regular legitimate emails from this company or sender? For example, banks will not address you as ‘Dear Customer,’ so it is essential to recognize that the email was intended for you.

Hyperlinks Have Lengthy and Strange URLs

Anytime you receive an unexpected email with hyperlinks, always hover over the URL in the email instead of immediately clicking. If the result is a destination URL that is strange or incredibly lengthy, then it is likely spam. If the link downloads a file, then this could be a malicious message: report it and do not click anywhere in it. Likewise, if the URL uses a link shortening service, then it could be spam.

The Spelling, Grammar, and Overall Language Seem “Off”

While spammers are improving on this crucial point, their messages are still not grammatically perfect. If the message looks like a spammer used an online translation service or is full of spelling and grammatical errors, then it is a dead giveaway that it is spam.

The Content is Too Good to Be True or Bizarre

Like with any situation in life, if it seems too good to be true, then it probably is. Messages about long-lost relatives leaving you giant estates, foreign princes who need you to send them money, and unclaimed suitcases in a country across the globe are just not realistic. One major red flag is the spammer promising vast sums of money for a small investment. Historically, this type of spam is known as “419” or “Nigerian Prince” spam.

Assuming all these red flags reasonably check out, is it malicious? If your gut still tells you something seems off, look for the following:

Reputable Companies Sending Unsolicited Messages

Reputable companies, especially financial institutions, never send unsolicited messages requesting credentials. You may receive product updates from a company you purchased a widget from ten years ago, but they will not solicit money or sensitive information. Also, reputable businesses never use link shortening services and will never ask for your debit card, credit card, social security number, or any other personal information.

The IRS does not even email you about owing back taxes, and Microsoft does not send messages that your computer has a virus. There are specific activities that organizations do not do. Unfortunately, spammers attempt to fool users by masking the email to look like it is from a legitimate company, sometimes scaring you into believing you must act immediately.

There are Attachments with the Message

Probably the most important takeaway from this entire article is that you should never open attachments you were not expecting. It is that cut and dried. If you receive an unexpected attachment from an individual or a company you do not know, do not click the message. On the other hand, if it is from a classmate, coworker, acquaintance, friend, or company you have done business with, then follow the above guidelines to see if it is acceptable to open.

There is a Call-to-Action Button at the bottom of the message

Many dangerous emails do not have attachments but use call-to-action buttons to trick you into downloading. This button is an aesthetically pleasing embedded link meant to attract the eyes and entice you to click. Examine the call-to-action button in the same manner as a hyperlink: hover over it to see the address. If you are unsure, delete the email or check with the sender before clicking.

It Seems Like the Message is Phishing for Info

Another common form of dangerous spam phishes for personal information, and it can appear to come from someone as familiar as a friend, a family member, or the company you work for. Credit card numbers and passwords are not the only data spammers want through a malicious email. Remember always to be vigilant, cautious, and err on the side of suspicion until you can verify the sender’s information.

Several signs help identify phishing attempts, including:

  • A claim that there is a problem with your payment information or account.
  • A fake invoice in the message.
  • An offer of free products or a coupon for free items.
  • A request to click on a payment link.
  • A request to confirm personal information.
  • A claim that you are eligible for a government refund if you provide information.
  • A claim that the sender has noticed suspicious log-in attempts or activity.
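
Several of the red flags above (a sender address on the wrong domain, link text that hides a different destination, shortened links) can also be checked mechanically. The following is an added example, not part of the original article; the BRANDS and SHORTENERS lists and the sample message are assumptions constructed for illustration.

```python
from email.message import EmailMessage
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

BRANDS = {"santander": "santander.com"}         # assumed: brand -> real domain
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co"}  # assumed: sample of shorteners

class Links(HTMLParser):  # collects (href, visible text) for each <a>
    def __init__(self):
        super().__init__()
        self.found, self.href, self.text = [], None, ""
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.href, self.text = dict(attrs).get("href") or "", ""
    def handle_data(self, data):
        self.text += data
    def handle_endtag(self, tag):
        if tag == "a" and self.href is not None:
            self.found.append((self.href, self.text.strip()))
            self.href = None

def host(url):  # hostname of a URL, or of bare text such as "www.example.com"
    return (urlparse(url if "//" in url else "//" + url).hostname or "").lower()

def under(h, domain):  # True if h is domain or one of its subdomains
    return h == domain or h.endswith("." + domain)

def red_flags(msg):  # msg: EmailMessage; returns (kind, detail) pairs
    name, addr = parseaddr(str(msg["From"] or ""))
    sender = addr.rpartition("@")[2].lower()
    # Display name claims a brand, but the address is not on its domain.
    flags = [("sender", sender) for brand, real in BRANDS.items()
             if brand in name.lower() and not under(sender, real)]
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            parser = Links()
            parser.feed(part.get_content())
            for href, text in parser.found:
                dest = host(href)
                shown = host(text) if "." in text and " " not in text else ""
                if dest in SHORTENERS:
                    flags.append(("shortener", dest))
                if shown and not under(dest, shown):  # text names another host
                    flags.append(("link-mismatch", f"{shown} -> {dest}"))
    return flags

SAMPLE = EmailMessage()  # constructed message, not a real email
SAMPLE["From"] = "Santander SM <service@santander-sm.com>"
SAMPLE.set_content('<a href="http://login.example.net/x">www.santander.com</a>'
                   '<a href="https://bit.ly/xyz">Pay now</a>', subtype="html")
```

To check a saved message, parse it with `email.message_from_bytes(data, policy=email.policy.default)` and pass the result to `red_flags`; an empty list means only that these particular checks found nothing.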

How to Handle Malicious Messages

Now that you know exactly what to look for, you must understand the next steps in handling malicious messages. Luckily, this is the easy part: delete the email or message. You could ignore it and let it consume space in your inbox, or you could send it to the trash where it is permanently deleted. It is always best to report the email as spam before deletion, which will send these types of messages and messages from this sender directly to the spam folder, which is periodically deleted. Behind the scenes, reporting the message as spam gives the email client information to fight against these types of messages.

If the message is from a financial institution, most have unique email addresses where you can forward messages that are potential phishing attempts. This helps their business by eliminating imposters and helps to keep you safe. If you are incorrect and the message is not spam, then it will help the organization realize that they may need to change email practices.

Email Best Practices

The best reaction to spammy-looking messages is to be proactive in the first place. Many tools and tips allow you to perform all the previous checks safely. This includes changing various default settings within the email client, including:

Disable HTML

By disabling HTML, there is less chance of malicious scripts executing once the email is opened. If you choose not to disable HTML, then close the preview window so you can delete suspicious emails before opening and doing harm.

Ensure the URL is Viewable

Ensuring the full URL is viewable when hovering over a hyperlink within a message is critical to determine if there should be a cause for concern. This is the default setting within most email clients but if not, then enable it in the settings.

Ensure the Full Email Address is Viewable

Similarly, you also want to ensure the full email address is viewable when you first see the message. This is a primary indicator that the sender and message are suspect, and it should not be opened.

Utilize a Spam Filter

While most email clients have integrated spam filters, if yours does not, ask how to enable it. If the client does not have a spam filter option, then you should think about changing clients. Spam filters do not provide complete protection, but they stop huge waves of known spam from reaching your eyes, so you do not have to spend the time reviewing the message and making the tough decisions.

As has been stated numerous times, never open any unexpected attachments. The old idea that only executable files can be harmful is long gone. PDFs, documents, and various other attachments have become just as dangerous.

At the end of the day, when in doubt, throw it out. If the email contains seemingly legitimate information that could be important and you are still unsure, contact the sender another way, other than a reply. If it is a financial institution, find their number online and call to ask if a specific message was sent and if it is safe to open. Often, they did not and will be happy you reported the spammers.

Countless spammers and malicious attackers send mass emails to millions of users, hoping that a few click their call-to-action buttons and embedded links and open their documents. Doing so can wreak havoc on your life by installing files that track your online movements and pull sensitive information from your accounts as you go to different websites. This all occurs in the background without your knowledge. Therefore, take the safe path by reviewing the above guidelines and contacting the company if you are still unsure. You will be thankful you took the extra time to do so!
