Phishing scams are one of the most common attack vectors used by cyber criminals to date. People continually fall victim to these types of scams, even though there is a wealth of knowledge online to help identify what to look out for in emails.

Why are they so successful? Anyone has the potential to be a victim. There are more factors in play to ensure a phishing email is successful rather than just the quality of the email.

As my friend Billy Bass once asked me, “I wanna know – if you can help me?”  Yes I can. I always ask myself the following questions when I receive an email before looking at the email in depth:

Is the message claiming to be official? – Criminals often tend to impersonate important people or organisations to try to trick you into doing what they want.

Is the message claiming to be urgent? – Criminals often threaten you with fines or negative consequence if you fail to comply.

Does the message make you panic, fearful, hopeful or curious?  Criminals will often use threatening language, tease you into wanting to find out more, or promise you false claims of support to get an emotional reaction.

Is the message claiming scarcity? Criminals will try to play on your fear of missing out on a good deal or favourable opportunity to get a quick response.

Are you expecting to see a message like this? Criminals look to exploit big news stories, popular platforms, or specific times in the year to make their scam more relevant to you

Attackers use these tricks to get you to respond without thinking. If you are answering Yes to these questions, then it’s time to question the legitimacy of the mail and look into the quality of the email.

Don’t worry, many of these scams fool the experts too, and you are definitely not alone. If you are ever unsure, reach out to a trustworthy source and get a second opinion. There is no use ‘making a rod for your own back!’