This week the Attack Library mini-series will focus on phishing emails, a social engineering attack that many people encounter on a day-to-day basis. This post details what common phishing emails contain and how to deal with this form of attack.

Phishing attacks are used to obtain information such as usernames, passwords and credit card details by impersonating a trustworthy party such as a bank, a shopping site or an online payment processor. Phishing e-mails are typically sent to large numbers of people in an attempt to maximise the quantity of harvested data.

Many phishing campaigns are intentionally crafted to mimic a legitimate website and entice you into clicking a link that you believe to be genuine.


The Social Engineering Toolkit (SET), a widely available toolset, allows an attacker to clone a website and host the copy on a server they control so that any details victims type into the fake login form are captured. When checking whether an email is legitimate, look out for the following signs:

Check for spelling and grammatical errors. Mass phishing emails are often poorly written, and a legitimate organisation's customer communications rarely contain obvious mistakes. Bear in mind that a well-prepared campaign may be error-free, so a clean message is not proof of legitimacy.

Many phishing emails address you in a generic manner, for example "Dear customer" or "Hello", whereas a legitimate sender that holds your account will usually use your name. Targeted (spear) phishing may use your name too, so treat a personalised greeting as only a weak sign of legitimacy.

Email spoofing is the forgery of email headers so that a message appears to come from somewhere other than its real origin. Check the full sender address rather than just the display name (for example noreply@barclays.com rather than just "Barclays"), and watch for lookalike domains that differ by a letter or an added word. Be aware that the From header itself can be forged: a From address that does not match the Return-Path, or failed SPF or DKIM results in the message's Authentication-Results header, are stronger indicators than the visible address alone.
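The three signs above can be checked mechanically. The following is an added example (not code from the original post or from SET) that parses a raw email with Python's standard `email` module and flags a generic greeting, a From domain that disagrees with the Return-Path or the SPF/DKIM verdicts, and a link whose visible text shows one domain while its `href` points to another. The sample message is constructed for the example and is not a real phishing email; `registrable_domain` is a deliberately crude helper that keeps only the last two labels, an assumption made because no public suffix list is bundled here.

```python
import email
import re
from email import policy
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample (not a real message): forged From header claiming
# barclays.com, a generic greeting, spelling mistakes, and a link whose
# visible text does not match its real destination.
RAW_MESSAGE = """\
Return-Path: <bounce@mail-updates-example.net>
Authentication-Results: mx.example.org; spf=fail smtp.mailfrom=mail-updates-example.net; dkim=none
From: "Barclays Online" <noreply@barclays.com>
To: victim@example.org
Subject: Urgent: verify your account
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Dear customer,</p>
<p>Your acount has been suspended. Please
<a href="http://barclays.com.login-verify-example.net/">https://www.barclays.com/</a>
to restore acess.</p>
</body></html>
"""

GENERIC_GREETINGS = ("dear customer", "dear user", "dear member", "hello,", "hello ")


def registrable_domain(host):
    """Crude 'last two labels' domain; assumption: no public suffix list available."""
    labels = host.lower().split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


def check_message(raw):
    """Return a list of human-readable phishing indicators found in a raw RFC 5322 message."""
    msg = email.message_from_string(raw, policy=policy.default)
    findings = []

    # 1. Sender: compare the From header's domain with the envelope sender
    #    (Return-Path) and with the receiving MTA's SPF/DKIM verdicts.
    _, from_addr = parseaddr(msg.get("From", ""))
    from_domain = from_addr.rpartition("@")[2]
    _, return_path = parseaddr(msg.get("Return-Path", ""))
    rp_domain = return_path.rpartition("@")[2]
    if rp_domain and registrable_domain(rp_domain) != registrable_domain(from_domain):
        findings.append(f"From domain {from_domain} != Return-Path domain {rp_domain}")
    auth = msg.get("Authentication-Results", "")
    if re.search(r"\bspf=(fail|softfail)\b", auth):
        findings.append("SPF failed for the envelope sender")
    if re.search(r"\bdkim=(none|fail)\b", auth):
        findings.append("no valid DKIM signature")

    # 2. Greeting: first non-empty line of the body, tags stripped.
    body = msg.get_body(preferencelist=("html", "plain")).get_content()
    text = re.sub(r"<[^>]+>", " ", body)
    first_line = next((l.strip() for l in text.splitlines() if l.strip()), "")
    if first_line.lower().startswith(GENERIC_GREETINGS):
        findings.append(f"generic greeting: {first_line!r}")

    # 3. Links: anchor text that shows one domain while href goes elsewhere,
    #    or any link off the sender's own domain (heuristic, may be noisy).
    for href, label in re.findall(r'<a\s+href="([^"]+)"[^>]*>(.*?)</a>', body, re.S | re.I):
        href_host = urlparse(href).hostname or ""
        label_host = urlparse(label.strip()).hostname or ""
        if label_host and registrable_domain(label_host) != registrable_domain(href_host):
            findings.append(f"link text shows {label_host} but points to {href_host}")
        elif from_domain and registrable_domain(href_host) != registrable_domain(from_domain):
            findings.append(f"link to {href_host} does not match sender domain {from_domain}")
    return findings


if __name__ == "__main__":
    for finding in check_message(RAW_MESSAGE):
        print("-", finding)
```

Run against the sample, the function reports the From/Return-Path mismatch, the SPF failure, the missing DKIM signature, the "Dear customer" greeting and the mismatched link. These are heuristics, not proof: a mail provider's own Authentication-Results header is only trustworthy on the receiving side, and a mass-mailing service can legitimately produce a From/Return-Path mismatch, so treat several findings together as the signal rather than any one alone.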

If you receive a phishing email, do not click on any links, open any attachments or enter any sensitive information. If you are unsure whether an e-mail is from a legitimate source, contact the company directly using a phone number or address you already know, or visit the legitimate website yourself rather than following the link. For example, if you receive an email that appears to be from Barclays and you suspect it is phishing, type the Barclays address into your browser or use a saved bookmark and log in there.