How to identify phishing emails

According to statistics from email security firm MailFrontier, only . 4% of users are able to identify phishing emails at 100% accuracy rate. This is a worrying information when the shopping season is approaching and people start to rush to the Internet to shop.

MailFrontier's results are based on the Phishing IQ test, which lists 10 email templates and users have to mark which emails they consider to be legitimate and which are fraudulent. Sample emails are all taken from Chase, PayPal, US Central Bank, MSN, Earthlink and Amazon.

This year, the average correct rate of test participants was 75%, up from 61% last year. MailFrontier believes that this improvement is the result of users becoming more and more knowledgeable about phishing and "more suspicious".

One of MailFrontier's surprising findings is that young users (18-24) are more vulnerable to deception than older users (55+), although they are more sophisticated about newer technology.

5 paranoia about phishing

MailFrontier's most important contribution in this research result, is that they have pointed out five things people still paranoid about phishing.

1. "Oh, find a trick that is as easy as peeling candy!"

The biggest mistake users have is that they are always too confident in their abilities. Although the level of user awareness of phishing emails has improved a lot, it does not mean that they are alert and knowledgeable at all times to know that they are being cheated. Most of them still equate a phishing email with legitimate email.

2. So the spam filter is a pile of scrap metal?

Most users tend to divine spam filters, saying they can detect and prevent all phishing attacks. And so they are assured, carefree click on every email that appears in their mailbox. Be aware that in order to "catch" a phishing email, there must be a series of complex analysis and evaluation tools, but only a spam filter alone only knows . "laugh except" only.

3. Can phishing email be blocked by domain authentication?

Use domain authentication as a tool to block phishing emails as a third myth. Spammers, as well as professional phishers, have shown they can completely overcome this gate.

4. Is it possible to block phishing email from detecting a URL in the URL?

The vulnerability in the URL address is a good sign to know that something is not right, but itself cannot do convincing evidence. Many legitimate companies still use techniques like redirecting URL addresses, using long URLs (exceeding the length of the icon bar) and even raw IP addresses in their emails.

Phishers understand this fact very well, so they took advantage of them.

5. Why do I need to act to protect myself and my company from phishing emails?

This is the last and perhaps most important paranoia. Users always think that they do not need to do anything, or doing is not helpful. However, this "laziness" can lead to incalculable consequences: loss of personal, financial and confidential data of the company.

According to MailFrontier predictions, the amount of phishers cheated this year will increase by 25% compared to last year to . 1 billion USD.

Holding Exam