Contents
What are Spam emails?
Identifying Spam: all the major red flags you need to learn
Emails from outside Dietitians Australia
Incorrect or unfamiliar email addresses
Strange/unprofessional subjects
Identifying Spam in practice
What are Spam emails?
Spam is any kind of unwanted, unsolicited digital communication that gets sent out in bulk. Often spam is sent via email, but it can also be distributed via text messages, phone calls, or social media.
Spam can come in a variety of different types. Some may just be unwanted adverts, while others may be attempting to impersonate staff, executives, or stakeholders of Dietitians Australia as a tactic to capture payment information or steal sensitive information. Identifying spam and acting on it appropriately is important to safeguard the business from data breaches and identity theft.
Identifying Spam: all the major red flags
Below is a list of key things to look out for that can help you identify whether an email is legitimate or malicious:
Emails coming from outside Dietitians Australia
If an email claims to be from DA staff, execs, or the Board, it should NOT be coming from outside the organisation. Only email addresses ending in @dietitiansaustralia.org.au would be used for company business. All emails from outside the organisation will have a CAUTION: banner at the top of the email. If you see this banner on an email that is supposedly coming from inside the organisation, this suggests it may be someone trying to impersonate a DA staffer, exec, or Board member.
Incorrect or unfamiliar email addresses
The sender's name and their email address, particularly the part after the @, are often quite different from each other in illegitimate emails. For example, the screenshot below shows an email claiming to be from the ‘Support-Desk’, but the email is coming from a different, unknown email address, with an unfamiliar company name after the @ in the address. If this were coming from the DA support desk, it would be from the helpdesk@dietitiansaustralia.org.au email address, or for Helpdesk Agents it could potentially come from the company that supplies our Helpdesk platform, Zendesk.
The same is true for emails seeming to come from colleagues, executives, and the Board that appear to come from what could be personal email addresses. Unfamiliar personal email accounts won't be used for Dietitians Australia business, so if the address is unfamiliar, it's a massive red flag.
Calls to action
Often, scammers will claim that you must click a link or open an attachment immediately to avoid a penalty or avert a crisis. This is to create a false sense of urgency and trick you into engaging with a suspicious email. If you think a call to action may be legitimate, seek assistance from the IT team through the Helpdesk. Scammers pretending to be a colleague or business partner might also add that they can't talk on the phone, to deter you from validating their request for action.
Generic greetings
If an email is coming from inside the organisation, it should be expected that the sender will know your name or address your specific team. Generic greetings like just “Hi” or “TO: (email address/inbox name)” are another clue that an email may be spam.
Poor grammar and spelling
It might not be unreadable, but spam often uses poor English, perhaps intentionally in order to engage unwary or inattentive recipients. Below is an example of an email with readable, but clearly incorrect English.
Even if the English is not of totally poor quality, you may still detect an unusual tone or wording compared to what you'd expect from the alleged sender.
Strange/unprofessional subjects
Legitimate emails will usually come with predictable and professional-looking subject lines. Check that the subject makes sense in plain English and matches the content. In the email below there is an example of an unusual, unspecific subject of ‘pr’, with no specifics about what it is for or who it is from. Most invoice emails will have an invoice number in the subject line at the very least and come from an expected business partner. Invoice emails should always be eyed with a high level of scrutiny.
Suspicious attachments
While caution should be exercised with any email attachment, some specific file types should be handled with extra caution. The file type is the extension after the last “.” in the file name. In the example below, the file type is “.SHTML”. Some files are blocked by default, but even normal Office files can be malicious. Be extra wary of HTML, SHTML, Zip, PDF, EXE, PHP, and ASP files.
Strange/unfamiliar formatting
Be alert to strange spelling, weird formatting, low-res graphics, and messages that often don't tie everything together to make complete sense. In the image below the ‘Microsoft’ logo is stretched and blurry and the formatting is messy and unlike other similar invoicing emails from other companies.
Also, note that Microsoft will not be invoicing you! Nor will they be asking you to confirm your password or reset 2FA. The formatting, content, subject, sender, sender's email address, call to action and more should all tie together.
Image-only emails
Some spam emails will appear to have text but are actually a large, single, hyperlinked image. When you open the email, it is easy to accidentally click the hyperlinked image, which can take you to a malicious website. To identify whether an email is an image-only email, hover your cursor over the text of the email. If your cursor icon appears as an I-bar, it is hovering over text. If your cursor icon appears as a pointing hand, it is held over a link that you should not click. You can also resize the preview pane and see whether the text reflows. Please see the example cursor images below.
Example of what cursor looks like over real email text
Example of what cursor looks like over a malicious image-only email
Unexpected emails
If you have not specifically triggered a password reset, or a two-factor authentication reset, then any email claiming to be one should be treated as dangerous. Don't click any links.
If you want to try to validate whether an email requesting password/2FA details is real or malicious, one way is to 1) NOT click any links, 2) open a web browser yourself, 3) Google for the company name and visit the site from the search results, then 4) see if you can sign in as normal. If you are unsure whether a reset email is legitimate, you should reach out to the IT team through the Helpdesk.
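As an added example (not part of this article and not a DA or Helpdesk tool), the Python below applies the red flags from the checklist above to a raw email: external sender domain, display name claiming a DA role, unspecific subject, risky attachment type, generic greeting, urgent call to action, and discouraging phone validation. The sample message is constructed, and the domain, extension list and keyword lists are assumptions drawn from this checklist rather than DA policy.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample (not a real message) impersonating the DA support desk.
SAMPLE = """From: Support-Desk <support@unknown-vendor.example>
Subject: pr
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Hi,
Your account will be suspended unless you confirm your password immediately. I can't talk on the phone today.
--b1
Content-Type: application/octet-stream; name="invoice.SHTML"

--b1--
"""

DA_DOMAIN = "dietitiansaustralia.org.au"  # assumed: the only domain used for DA business
RISKY_EXTENSIONS = {"html", "shtml", "zip", "pdf", "exe", "php", "asp"}  # from the checklist

def red_flags(raw: str) -> list[str]:
    """Return the checklist red flags that a raw RFC 822 message triggers."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    flags = []
    if domain != DA_DOMAIN:  # outside the organisation: would carry the CAUTION banner
        flags.append("external sender")
    if domain != DA_DOMAIN and re.search(r"support|helpdesk|dietitians|board", name, re.I):
        flags.append("display name claims a DA role but address is external")
    if not re.search(r"[A-Za-z]{3,}", msg.get("Subject", "")):  # e.g. 'pr'
        flags.append("unspecific subject")
    body = ""
    for part in msg.walk():
        ext = (part.get_filename() or "").rpartition(".")[2].lower()
        if ext in RISKY_EXTENSIONS:
            flags.append(f"risky attachment type .{ext}")
        if part.get_content_type() == "text/plain":
            body += part.get_payload(decode=True).decode(errors="replace")
    if re.match(r"\s*(hi|hello|dear)[,!.]?\s*$", body, re.I | re.M):
        flags.append("generic greeting")
    if re.search(r"\b(immediately|urgent|suspended|penalty)\b", body, re.I):
        flags.append("urgent call to action")
    if re.search(r"can'?t (talk|speak) on the phone", body, re.I):
        flags.append("discourages phone validation")
    return flags
```

A hit on any single flag is a prompt to pause and check with the Helpdesk, not a verdict; an empty list does not prove an email is safe.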
Identifying Spam in practice
Below is a final example of a relatively sophisticated spam email received by the info@dietitiansaustralia.org.au inbox. Even though this spam email is relatively well made, we can still use all the tips above to identify that it is not legitimate. Further information about blocking, avoiding and following up on spam can be found in the Helpdesk FAQ.
It seems a lot to take in. Are you expected to consider all of these things ALL THE TIME before opening an invoice? Before clicking a link? Yes!
You really do need to learn these signs, and spot them in the real world. They apply all day, every day, at work and at home.
Sadly this is the mark of our times: using computers, phones, tablets and email, with everything being online, so many logins and passwords, and dealing with sophisticated fake branding, fake tech support, virus scares, fraudulent banking, spyware, key loggers, bot farms, phishers, hackers, ransomware, data breaches, forgetfulness, and the pressure of quickly helping colleagues!
Stay alert, all the red flags will become ingrained if you keep learning and keep your eyes open.
Further Reading:
Recognise and report scams - Aus Gov