Identify Phishing Red Flags on Your Mobile Device
June 15, 2020
Mobile devices make email communication easy and convenient, but the smaller screens and email apps can limit what is displayed, leaving us quick to click. People are ordering more items online than before, and the bad guys know this. They continue to send phishing attempts trying to trick you into sharing your account credentials. Below, James from our IT department shares a few things to look for when spotting phishing emails on your mobile device.
Can you tell which Amazon.com emails are real or phishing attempts?
Things to look for in the email list above.
- Some of the emails display ‘Fw:’ in the subject line. Amazon would send emails directly to you, not forward an email.
- The sense of urgency or action required can be a red flag. Look for “Action Required” or “Suspended” in the subject line.
Notice all of these emails above claim to be from Amazon.com, but some actually have different web addresses in the from section.
- Amazon.com comes from the “name” or “display name” field in your email settings. This is easy to change and allows anyone to be Amazon.com in a few seconds. See the example below sent from my personal email account.
How do we know if it is Amazon sending us an email? What do we do next?
- For further investigation, click on the email to open it, but be careful not to click on any links.
- You will notice this email was sent to kuku-noreply@amazon.com. You should see your email address or contact name in the ‘To:’ field of the email.
- They continue to use the amazon.com theme to try and build trust. In this case they have sent this email to kuku-noreply@amazon.com and most likely blind carbon copied my email address along with a large list of other email addresses.
- You will also notice a lot of grammatical errors (random words capitalized, improper use of past tense, words out of order, words misspelled). Look for them in the example below.
Next, we can click on the “Amazon.com” display name to see the sending email address.
- The display name is Amazon.com, but the email address is super long, so you cannot see that the full address actually ends with @kuncihondabeat9.com.
- That is definitely not an Amazon email address. They make it super long intentionally so it hides the @domain name on certain displays.
- Amazon email addresses will be different depending on the subject or department it is coming from, but should end in @amazon.com. A few that I’ve seen are: order-update@amazon.com; shipment-tracking@amazon.com; digital-no-reply@amazon.com; auto-confirm@amazon.com
- Look at the email address below. It is not actually Amazon.com.
The examples shown were taken from an iPhone, but the things to look for remain the same no matter the device. Viewing your email through a different email client or web browser could make some of the To: and From: fields easier to view. I used Amazon.com as the example, but the phishing attempts could be a spoof of any company. As a basic reminder, remember to NEVER click on verify account, change password, or log on links in an email. Instead, open a new web browser, type in the web address you need to access, and log in from there. If you have any questions or concerns about your account, reach out to the company through the contact section on their web page.
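For readers who filter or triage mail, the same checks can be run against the raw message headers. The following is an added example, not part of the original post: the function name, flag labels and both sample messages are constructed for illustration, and only the kuncihondabeat9.com domain and the kuku-noreply@amazon.com address come from the article.

```python
from email import message_from_string
from email.utils import getaddresses, parseaddr

# Subject wording the article calls out as urgency red flags.
URGENCY_WORDS = ("action required", "suspended")

# Constructed sample messages (not real mail). Only the sending domain and the
# kuku-noreply address come from the article; everything else is made up.
SAMPLE_PHISH = "\n".join([
    'From: "Amazon.com" <account-update-notification-000001@kuncihondabeat9.com>',
    "To: kuku-noreply@amazon.com",
    "Subject: Fw: Action Required: Your account has been Suspended",
    "",
    "Please verify your account.",
])
SAMPLE_LEGIT = "\n".join([
    'From: "Amazon.com" <order-update@amazon.com>',
    "To: reader@example.com",
    "Subject: Your order has shipped",
    "",
    "Thanks for your order.",
])


def phishing_red_flags(raw_message, my_address, brand="amazon.com"):
    """Return the article's red flags that appear in one raw message."""
    msg = message_from_string(raw_message)
    flags = []

    # Split the From: header into the display name and the real address.
    display_name, from_addr = parseaddr(msg.get("From", ""))
    from_domain = from_addr.rsplit("@", 1)[-1].lower()
    # The display name claims the brand, but the address ends in another domain.
    if brand in display_name.lower() and from_domain != brand:
        flags.append("display-name-mismatch")

    subject = msg.get("Subject", "").lower().lstrip()
    # The article mentions 'Fw:'; 'Fwd:' is an added common variant.
    if subject.startswith(("fw:", "fwd:")):
        flags.append("forwarded-subject")
    if any(word in subject for word in URGENCY_WORDS):
        flags.append("urgent-subject")

    # Your own address should appear in To:. If it does not, you were most
    # likely blind carbon copied along with many other recipients.
    recipients = [addr.lower() for _, addr in getaddresses(msg.get_all("To", []))]
    if my_address.lower() not in recipients:
        flags.append("not-addressed-to-me")
    return flags
```

A clean result is not proof the message is genuine, because the From: header itself can be forged; this only automates the visual checks described in the article.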