Apr 29
How to Identify a Fraudulent Email
April 29, 2021
It’s becoming easier for hackers to create fraudulent emails by imitating colleagues, partners, suppliers, and institutions that have earned your trust. Regardless of your employees’ loyalty or the spam and phishing filters installed on your email server, your business is at risk of being a victim of fraud. To prevent it, let’s discuss the characteristics that make up a fraudulent message and the elements that should raise suspicions for you and your employees:
- An email address with omitted letters or the use of a public server - In principle, hackers will try to create an email address as similar as possible to the one they are attempting to imitate. To achieve it, they omit letters that are easy to ignore at a quick glance or modify a company name in a credible way. For example, instead of the organizational email juan.delpueblo@popular.com they could use juan.depueblo@popula.com or juan.delpueblo@bancopopular.net. Also, don’t trust emails bearing addresses from public servers like @gmail.com or @hotmail.com. Other emails you shouldn’t trust are those that, despite showing a reasonable screen name, have a strange address, such as l5248@linkmat.com.
- Writing mistakes - Misspelled words, poorly structured sentences, double spaces between words, informal language, and grammatical errors are strong indicators that something is wrong. Also, pay attention to incorrect or expired dates. Reputable institutions have professional copywriters overseeing the quality of official communications.
- Messages demanding urgent and confidential action - Attempting to collect your information or obtain funds in an illegitimate manner, hackers will present an urgent and confidential request, insisting on its importance, so you don’t have time to question the legitimacy of the request until it’s too late. For example, your employee might receive a message from an alleged coworker urgently asking for help with a late payment to a supplier. Also, he urges the recipient to keep the information confidential so his job won’t be in jeopardy and assures the recipient that if he accepts, he will owe him a great favor.
- A sudden request that falls outside established procedures - The most common suspicious requests include asking you to confirm your user information by clicking on a link, requesting an “update” to the details of a payment made to a beneficiary by using the information they now provide, supplying new contact information that is different from the one previously verified, and insisting that from now on you only use that new information to contact them. They may even claim to be your bank and ask that you provide your personal identification number (PIN) or other sensitive information.
- Checklist to prevent fraud in your business
- Protect your business from malware and phishing
- Best practices to avoid fraud
- Avoid fraud on your debit and credit card
- Prevent fraud from ruining your business