Search Go hack yourself with Detectify

An EASM blog from Detectify

How to identify a phishing email

October 20, 2016

A phishing email that supposedly comes from Telia, a mobile network operator, has recently been doing the rounds in Sweden. The recipients were asked to click on a link in the email to access their monthly mobile bill. There is a lot of money to be gained from phishing attempts, which is why the number of suspicious emails in circulation keeps growing and the attacks range from mass send outs to sophisticated CEO fraud. In this blog post, we explain how to identify phishing attempts in your inbox and stay safe.

Phishing email

What should I look out for?

Always start by checking who the sender is. Make sure to take a closer look not only at the sender’s name, but also the actual email address they are contacting you from. If the email address is misspelled or unusual in any way, e.g., you should be careful. Trust common sense and your gut – if it feels suspicious, it most likely is.

Be wary of downloading attachments and clicking on links in emails. For example, if you receive an email from your mobile network operator asking you to click on a link to download your bill, go directly to their website in your browser and log in there instead.

Don’t trust anyone, not even well-known companies. “Many people who don’t even use Telia would probably open the email and download the file. The same thing goes for other trusted brands like the postal service,” says our security expert Linus Särud.

Don’t open suspicious emails when you’re under pressure. Linus explains: “Attackers have started analysing what the best time to send an email is, for example when you’re on your way home from work and you’re feeling stressed. At that point, you are more likely to be caught off guard and make a mistake. To avoid this, check your email when you are not under pressure.”

Sometimes, receiving a phishing email at the right time makes it less likely for the victim to become suspicious. Maybe you’re in the habit of deleting emails that look like spam, but at some point, the email might suddenly be relevant to your situation and you’ll open it.

What can happen if I take the attackers’ bait?

If you download a file, there is a considerable risk of your computer becoming infected with a trojan. The attacker can then control your computer, including your microphone and webcam. “If that happens, you’re completely owned,” adds Linus.

You might be prompted to log in to a fake site that looks exactly like the real thing and comes across as entirely legitimate. If you log in, the attackers can access and steal your credentials.

If you are the recipient of a personalised phishing email, you might be asked to transfer money to someone posing as your boss. This type of individually targeted phishing, often called CEO fraud, is becoming increasingly common as people aren’t likely to be mistrustful when they receive an email from what appears to be their employer. Our expert explains how advanced these phishing attempts can be: “Attackers have realised that they can get huge sums of money by carrying out more sophisticated attacks. They are very thorough and study the tone of the communication between employees to make the emails as personalised and authentic as possible.” Linus emphasizes that this can be prevented if internal security routines are in place. Important emails that involve money transfers should always be double-checked.

Stay safe!

Do you have questions about identifying phishing attacks and staying safe online? Drop us a line at hello[at] We’d be happy to answer your questions!