Danger In Every Email You See: 16 Red Flags

Oct 26, 2021, 2:43 PM

If you’re reading this blog post, you probably use email. It might be at your job, to communicate with co-workers on the other side of the building or the other side of the country. Or it could be at home, with family and friends. Most likely, it’s both.

Though many email systems have built-in security to protect their users from spam and solicitors, someone who wants to get in your computer, or get at your list of friends and customers, can do it by phishing.

Phishing

If you’re not familiar with the term, “phishing” is what it sounds like: a hacker sends out bait – often in the form of an email that looks trustworthy – and tries to hook a target: you.

Computer security experts have identified several kinds of red flags you need to look for to spot a suspicious email. Every part of an email can be a risk.

From

• An email address you don’t recognize
• An email address you recognize, but the message isn’t one you’d expect them to send
• A well-known company that doesn’t normally email directly to customers

To

• People at my company who normally don’t work together
• Employee names I don’t recognize

Date

• A message sent outside business hours
• A message sent on a holiday or non-business day

Subject

• A subject that doesn’t match the content of the message
• A reply to something I never sent or asked for

Content

• The email communicates a sense of urgency
• The email asks for sensitive information
• The email contains a message that makes no sense
• The email’s message asks for something the sender wouldn’t ask for
• The email is asking for money

Links and attachments

• Hovering over a link on the screen shows the link goes to a different website
• The attachment doesn’t have anything to do with the message

Does this mean you have to second-guess yourself every time you check your email? No, just be aware of the potential for danger. A modern email system, probably like the one you’re using, will catch most “bad” email.

For the few messages that get through the system filters, you can protect yourself by reaching out another way. Don’t use the “reply” button in an email — it might reply directly to the person who’s trying to damage your email account.

If you get an email from a friend that doesn’t sound like him or her, make a phone call, or send a text. Ask that person if they sent the message. If they say no, you know it’s a fake. And now your friend knows their account has been compromised, so they can tell everyone else on their email list to be careful.

Multi-factor authentication

If your email is ever compromised, be sure to change your password immediately. Also, consider adding an additional layer of security by enabling multi-factor authentication (MFA). MFA is an additional identification component that electronically proves to the system that you are who you say you are. MFA is a process that grants a user access to a system, only after presenting two or more pieces of evidence.

A common example is having a password (something you know) in combination with a device (something you have). It is recommended to have MFA enabled on all work accounts, financial accounts, email accounts, and any electronic account that contains confidential information.

The Mutual Understanding blog and Hastings Mutual videos are made available for educational purposes only. The information referred to is not an official company statement, corporate policy, or offer of coverage. Refer to your insurance policy for specific coverage. There is no representation as to the accuracy or completeness of any information found by following any link on this site. Please contact your local independent insurance agent with further questions and for more details on any insurance policy-related information you read here.

© 2021 Hastings Mutual Insurance Company. All rights reserved.