Suspicious Senders
What is a common red flag in a sender’s email address?
Misspellings
extra characters
unknown domains (e.g., @paypall.com instead of @paypal.com).
What should you do before clicking an email link?
Hover over the link to see the actual URL before clicking.
What phrase is commonly used to pressure recipients into acting quickly?
"Your account will be suspended unless you act now!"
Urgent, Important.
Why should you be cautious about unexpected email attachments?
They may contain malware, viruses, or ransomware.
What should you check in the email header to detect phishing?
The "Reply-To" and "Return-Path" addresses for mismatched domains.
How can you verify an unknown sender?
Check the domain, search for the email address online, and contact the company directly using official contact details.
How can you hover over a link to inspect it?
Place your mouse over the link without clicking, and the real URL will appear in the bottom corner of your browser or email client.
How does a phishing email create a sense of urgency?
By using fear-based language, such as threats of account closure, fines, or legal action.
What are the most common malicious file types?
.exe, .zip, .pdf, .docm, .xlsm, .js (JavaScript files).
What’s a common grammar or spelling mistake in phishing emails?
Poor spelling, awkward phrasing, or inconsistent capitalization.
What type of email spoofing tricks do attackers use?
They forge the "From" address to make the email appear from a trusted source (domain spoofing).
What does a lookalike URL (typosquatting) look like?
A URL that closely resembles a legitimate one but contains slight misspellings (e.g., www.bank0famerica.com instead of www.bankofamerica.com).
Why do scammers use scare tactics in emails?
To make recipients panic and act without verifying the request.
How does an attacker use macros in phishing emails?
Malicious macros in Word or Excel documents execute harmful scripts when enabled.
Why do fake emails often contain poor formatting?
Scammers may use automated translation tools or lack professional design skills.
Why should you avoid responding to unexpected urgent requests?
Attackers use urgency to manipulate victims into acting without thinking (e.g., fake boss or HR requests).
Why should you avoid shortened URLs in emails?
They can hide the actual destination, making it harder to spot malicious links.
How can you verify a threatening email demanding action?
Call the company or sender directly using official contact information from their website.
What is a business email compromise (BEC) scam?
Attackers impersonate executives or vendors to trick employees into sending money or confidential data.
How do attackers impersonate legitimate brands?
They copy logos, branding colors, and signatures but use fake email domains.
How can you check if an email domain is legitimate?
Look up the domain on WHOIS, compare it with the company’s official website, or check SPF/DKIM/DMARC records.
What’s a common trick used in fake login pages?
Attackers create nearly identical login pages to steal credentials (e.g., fake Microsoft 365 or PayPal login screens).
Give an example of a social engineering email using urgency.
"We've detected unauthorized activity on your bank account. Click here immediately to verify your identity!"
How can you safely inspect an email attachment?
Use an online virus scanner (e.g., VirusTotal) or open it in a sandboxed environment.
Give an example of a real phishing attempt and how to spot it.
An email claiming to be from "Amazon Support" asking for payment details, but the sender’s domain is support@amzon-secure.com instead of @amazon.com.