When a user receives an email with a suspicious link or attachment, they should answer the following questions to determine whether it is spear phishing.

  • Who is the sender?
  • The user, who is usually an employee, should verify with the source whether the email has definitely come from that person.

  • Is the style of writing consistent with the sender?
  • The user/employee should keep a keen eye out and analyze whether the sender's approach is a familiar one or something different.

  • Does anything appear unusual about the tone, spelling or urgency of the email?
  • The user needs to assess whether the email expresses an unusual request or urgency for some details or information.

  • Is the request irrelevant (e.g., to open a file the user wasn’t expecting)?
  • The user should assess whether the request is relevant or irrelevant, and whether it seems fishy/phishy.

  • Have other colleagues received a similar email?
  • Cross-verify with other colleagues whether they have received similar emails.