Here are some signs to help you recognise malicious emails and maintain security in general:
Email Header
- Legitimate email address. At first glance the sender’s name might seem real enough you wouldn’t have to think twice. Check to see if the name matches the sender. Hackers tend to have similar, but not the same email address or from a public domain. For example, a genuine email from TenderBoard will be from the email domain (@tenderboard.biz).
- Subject. Look out if the subject is relevant to your relationship with the sender or if it includes urgent actions on your end. This is common to try to get you to react immediately and often includes phrases like “Call to Action”, “your account will be closed”, “your account has been compromised”.
Email Body
- General greeting. Check if it’s the usual greeting from the sender.
- Language. Poorly written emails are tell-tale signs that something is wrong. Look out for spelling and grammatical errors. However, not all emails with a mistake are scams. Looking at the context of the error is essential in determining if it’s a common typographical error or if there could be a purpose behind the bad syntax.
- Links. To avoid clicking on fake website links, hover over the link before clicking and see if the URL looks right or if certain letters have been omitted. For instance, does the link contain .net, .org, .com or another extension when it should be .biz?
- Information requested. If the email is requesting for private information, flag it immediately. Most reputable websites, including TenderBoard. do not ask for your password or other login credentials.
Email Footer
- Attachments. Generally, TenderBoard or any genuine organisation will not send you unsolicited emails with attachments, but instead direct you to download the documents from their website. Do not open attachments if they are unexpected emails, or if the file types are .exe, .scr, .com, .wsf, .msi, .cmd or .pif.
- Salutation. Check to see if the salutation matches the sender and if it’s typically how the sender signs off.
The following is an example of a phishing email purportedly from Tenderboard.
Phishing emails are getting more sophisticated and harder to distinguish. Stay ahead by ensuring your antivirus software is up to date and secure your network traffic.
If you are unsure about an email, please do not hesitate to check with us. You may use the contact form on TenderBoard’s website or contact us at 67158931.