Hello, Crown Clients and Friends!

An attempt to trick a user into granting access or information by pretending they’re someone that they’re not is called ‘phishing.’ Phishing attacks are sent by any form of communication, phone or text. Today we’re talking about phishing emails. Specifically, the email address. Phishing attempts have telling features that give them away. Here are four tip-offs you might find in the sender’s email address:

Familiar Name, Strange Email

It is not hard for someone to learn who your co-workers are. If that information’s not on the company website, it’s in the press or on LinkedIn. A common technique is to create an address with a boss or co-workers name on a third-party webmail service such as Yahoo or Gmail.

If you receive such an email, contact your co-worker from a trusted email or by phone and confirm the communication.

Amazon Asks for Your Password, And They’re Using a Yahoo Account

If a company contacts you out of the blue, check to make sure the email is from the correct domain. Amazon will use an @amazon.com address, eBay will use @ebay.com, Facebook will sometimes use @facebookmail.com, but generally, they’re an exception to this rule.

Any Email from U5ywe9bsd2iseyrre.com

When a scammer wants complete control of their mail server, they’ll purchase a domain the way a legitimate company will. But most valid sounding domains have already been snapped up, and these operations don’t have time to sit around thinking up new ones. So they’ll purchase sxy9sr2b5ifbe.net, 10289dsndegeuruh.com, or some other random combination of characters that looks like they punched a keyboard, set up their mail server, and begin grinding out the spam. When they get shut down, they purchase another nonsense domain and repeat.

Almost, but Not Quite

Then there are the URLs that look like known URLs. It’s easy to purchase a domain with one character different from the original but looks the same to the casual observer. For example, one might replace a lowercase ‘L’ with an uppercase ‘I’, or add or replace an ‘s’ such as brendascookies.com being the original and brendacookies.com belongs to a criminal.

All four of these techniques count on your eyes skipping straight to the body of the message. But it pays to double-check the sender’s address, especially when the content of the email seems suspicious


-Sean Goss and The Crown Team