#BeAware: Phishing-Mails

2. May 2019

Phishing emails are still the main gateway for viruses, Trojans and other malware. They are also often used to gain access to the personal data of their recipients. A phishing email sent for the purpose of spreading malware can reach a computer in two ways: Either via compromised attachments or links designed to trick the recipient into visiting a compromised website.

Attackers who send out phishing emails are becoming more and more professional. Obvious spelling and grammar mistakes or outrageous stories of Nigerian princes whose fortune you are supposed to have inherited still exist, but have become the exception. Here is a list of things you should check in all your incoming emails:

  • Is the sender correct? Is the name spelled correctly and is the address after the @ correct?
  • Where does the link in the e-mail lead to? If you hover over the link with your cursor (without clicking!), the destination address is displayed next to the mouse or in the lower part of your browser window and you can check whether the link matches the content of the e-mail and the sender.
  • Does the content of the e-mail match the sender or is it too good to be true?
  • Does the attachment match the sender?

If you receive an email that you think might be suspicious, even in the slightest, do not click on any links or open any attachment, but forward the email to the appropriate contact person at your company. Your IT department will then be able to verify whether the mail really is a phishing attempt.


About #BeAware:
We all know them from our daily work: security tips, the latest virus reports, horror stories from the world of cyber security. With #BeAware, usd security awareness experts would like to help you understand these messages. The articles highlight relevant IT security issues and the most common methods used by hackers and criminals, and give tips on what anyone can do to protect themselves and their company. For more security.

Also interesting:

A5: BSI Publishes New Audit Framework for Trustworthy AI

A5: BSI Publishes New Audit Framework for Trustworthy AI

The German Federal Office for Information Security (BSI) has published the Community Draft of the AI Audit and Assurance Assessment Architecture (A5) (currently available in German only), thus starting the consultation phase. A5 is intended to create a standardized...

AI Vulnerability Storm: When a Lack of Speed Becomes a Risk

AI Vulnerability Storm: When a Lack of Speed Becomes a Risk

Current developments in AI systems show that vulnerabilities are found more quickly, suitable exploits are developed more quickly, and attacks are increasingly implemented automatically. This significantly reduces the time between discovery and exploitation. What used...

Bafin Publishes 9th Amendment to MaRisk

Bafin Publishes 9th Amendment to MaRisk

On 30 June 2026, all credit institutions and financial services institutions in Germany received an important circular: Following the consultation phase, the German Federal Financial Supervisory Authority (Bafin) published the 9th amendment to its Minimum Requirements...

Categories

Categories