Spot Malicious e-Mail Like a Pro!

Colleagues,

E-mail is the number one tool for business communication, worldwide. Hackers use e-mail to steal personal information and to spread viruses, ransomware and other malicious activity throughout a network. It’s important for all of us to practice awareness when using e-mail.

These tips will help you spot malicious e-mail like a pro! However, these tips must work together, not individually. Consider each like a digit in a PIN code: all are necessary. Most importantly, NEVER click a link or download content without first applying these tips!

  • Personal information?

Is the e-mail asking for personal information? More importantly, is the e-mail asking you to click a link regarding personal information like your password? Keep in mind IT will never send an e-mail link regarding your password or personal information.

  • Grammar

Believe it or not, bad grammar was cited in a study as a common give-away for malicious e-mail. Bad grammar or misspelling in a business e-mail is a red flag.

  • Urgent or time sensitive!

Malicious e-mails often cause fear by presenting an urgent situation. Common messages are: “Your bank account has been hacked, respond right away” or “Your wire transfer has been granted, click here to review” or “I have pictures and I’m coming after you – click here to download”. Some e-mails may even include your name, your company or the town you live in – don’t fret!

  • Is the e-mail common or routine?

Counter to an urgent e-mail, hackers also attempt to mimic a routine process with an easygoing tone. These messages are purposely vague and may target specific business types. For example, in the healthcare field, we may see an e-mail regarding a patient’s electronic document with a link or attachment. Proceed with caution and always verify that the sender and context are valid.

  • Verifying the sender and context

Malicious e-mail can come from a colleague or friend. Verify the name and e-mail address. If the e-mail address is misspelled or looks different, that is a big red flag. However, a valid e-mail address does NOT automatically qualify the e-mail as safe. You must also review the context. “Does this person usually e-mail me about my car’s warranty?”

If an e-mail comes from a colleague and it seems suspicious, contact the person by phone and verify the details. “Did you send me this e-mail?” It’s always best to verify so we can all spot a problem as early as possible.

What to do?

1. If the e-mail sender is an internal Rutgers email address, contact IT immediately.

Call: 732-235-4715

Click: UBHCHelp.Rutgers.edu, then click Get Help!

2. If the e-mail sender is an external e-mail address, the address can be permanently blocked.

How to Block Sender:

  • (1.) Right Click the e-mail
  • (2.) Select Junk
  • (3.) Click Block Sender

3. Delete the e-mail! Do not attempt to click a link or forward the e-mail to a colleague.

This short video provides tips on spotting PHISH-ing e-mail… 

I hope you found this message helpful.

Thanks for reading.

-JK