ANTI-PHISHING CHECKLIST
CLUES - Things that make the communication suspicious.
• Errors or unprofessional appearance - Does the communication have obvious spelling or grammatical errors? Is the formatting unattractive, such as ALL CAPS or too many colors (like red or purple text)?
• Unexpected communication - Is the message “out of the blue” or a “follow-up” on a request you did not make? Does the message seem unusual, such as asking you to do something never requested before? Does the message mention problems with your account, payment of a bill you don’t know about, or shipment of a product you did not order? Does the message ask for information the sender should already have?
• Unusual request - Does the communication ask you to provide or verify sensitive information in an unsafe way, such as over a phone call or by visiting a website? Ask them to send you a written request; that will put them off.
• Links and/or attachments - Are you being asked to click on a link or open an attachment? Does hovering over the link show the expected destination URL? Open only attachments you are expecting to receive. The best practice is to preview links and attachments anyway, just to be safe. This is especially true of messages from people you may know personally.
• Unfamiliar sender - Do you recognize the name and email address of the sender? Does the domain of the sender look unusual?
• Familiar, yet unusual - Is the sender using an unusual salutation, tone, or signature or sending at a strange time of day?
• Personal topics - Is the message of a personal nature, such as asking about money or taxes?
• No subject line - Two out of three phishing emails do not have a subject line; they rely on your curiosity.
• Unexpected attachment - Were you expecting the sender to send you the attached document? Verify with the sender before opening it, ideally by a phone call or a separate message. Alternatively, scan it for malicious content.
• Mismatched link text - The link (anchor) text doesn't match the target URL. Scan any link you are not certain is safe, using a tool such as the VirusTotal link checker.
TACTICS
• Urgency - Phrases like "required", "today", or "urgent" are intended to make you rush. Examples include claims of suspicious activity on one of your accounts, or an offer of a gift or prize if you respond quickly.
• Loss - Language about losing access to an account, for example, is designed to make you worry.
• Authority - Posing as an individual or organization important to you is designed to make you not question what you are asked to do.
• Familiarity - Using publicly available information about you is intended to make you assume familiarity with the sender.
• Reciprocation - Offering you something is designed to make you feel obligated to provide something in return.
• Popularity - Language about other people doing something that you are not is designed to make you feel you are wrong not to join in. This exploits fear of missing out (FOMO).
• Curiosity - Language intended to spur your curiosity so that you open a link without evaluating the risk of doing so.
• Seasonal - Offers related to time of year, such as holiday periods.
• Event-related - Offers related to significant current events such as the pandemic or a recent serious weather event.