Phishing Detector from DATUREX GmbH
The DATUREX GmbH offers you free of charge a service that combines most of these points.
Simply forward a suspicious email to phishing@daturex.de further to obtain a complete analysis.
How we recognize phishing:
-
Comparison of domains used with Phishing databases updated daily
-
Scan of the domains used, do you belong to the organization ? Have they been created recently ? What is their reputation? What is the reputation of the hosting provider ?
-
Checking sent attachments using the latest technology Virus scanner
-
Assessment of all aspects by our own A.I. running on our German servers
The use of a local K.I enables us to use your data to secure maximum.
Sign here the Order processing contractso that you are on the safe side.
Recognize phishing easily
Phishing is a common type of cyberattack that involves tricking people into revealing sensitive information, such as usernames, passwords, credit card details and other personal information by faking a trusted identity in digital communications. Here are some essential guidelines to recognize phishing attempts and protect yourself from such threats:
1. check the sender's information
– Check the e-mail address: Look carefully at the sender's e-mail address, not just the display name. Phishing emails often come from addresses that have slight spelling mistakes or use famous names with extra characters.
– Examine links carefullyHover over all the links in the email without clicking on them to see the actual URL. If the URL looks suspicious or does not match the alleged source, it could be a phishing attempt.
2. pay attention to urgency or threatening language
- Phishing attempts often create a sense of urgency to provoke quick action. Be wary of emails that request urgent action to verify your account, secure your data or claim a reward.
- Watch out for threats or alarming messages warning of serious consequences if you do not act immediately.
3. analyze the content
- Grammar and spelling: Official communications from reputable companies are usually well written. Poor grammar and spelling mistakes can be warning signs.
– General salutations: Phishing e-mails often use general salutations such as "Dear customer" or "Dear user" instead of your real name. Be careful with emails that do not address you personally.
4. do not open attachments immediately
- Attachments may contain malware. Do not open any attachments that you were not expecting, especially from unsolicited e-mails. Check the credibility of the sender before opening files.
5. use security software
- Make sure you have up-to-date antivirus software that can detect and block phishing and other malicious attacks.
- Consider using email filters to help detect spam and phishing emails.
6. check whether websites are secure
- If you are redirected to a website, make sure it is secure. Look for URLs that start with `https://` and check that the domain name matches the organization's official website.
- Secure pages also display a lock symbol in the address bar.
7. be careful with requests for personal information
- Legitimate organizations will not ask for sensitive personal information via email. Always question emails that request personal or financial information.
8. use multi-factor authentication (MFA)
- Enable MFA on all accounts that support it. This adds an extra layer of security that makes it harder for attackers to gain access, even if they have your password.
9. educate yourself and others
- Stay informed about the latest phishing tactics. Cybercriminals are constantly developing new methods to exploit users.
- Share your knowledge with friends and family. The more people know about phishing, the less likely they are to fall victim to it.
10. check in case of doubt
- If an email or communication seems suspicious, verify its legitimacy by contacting the organization directly through official channels. Do not use the contact information provided in the suspicious email.
Below you will find some clear phishing indicators:
Sender email address: If an email claims to come from Fedex but the sender email address is info@fed-ex.org instead of @fedex.org, for example, this is spoofing.
Suspicious links: Some of the emails are completely identical to the original except for a single link.
This means there are links to the original website, privacy policy and co.
But one of these links leads to a criminal website that resembles the original, but whose domain does not belong to the organization. For example, paypol.de instead of paypal.de
There are emails that cannot be conclusively judged to be genuine simply by inspection. In these cases, you must ALWAYS confirm the authenticity via other channels.
This means you call the company or the supposed work colleague.
NEVER pass on login data by email.
Phishing detection through e-mail header inspection
Inspecting email headers to detect phishing attempts is a critical skill for raising your cybersecurity awareness. Email headers contain detailed information about the sender, route and creation of an email and provide insights that can help identify potential phishing attacks. Here's a step-by-step guide on how to detect phishing by examining email headers:
Step 1: Display email headers for different email clients:
https://mxtoolbox.com/Public/Content/EmailHeaders/
Step 2: Analyze the "From" field
The "From" field may show a familiar name, but the actual email address could be suspicious. Check:
- Display name and e-mail address do not matchIf the sender's name is a known contact or company, but the e-mail address is unrecognizable or filled with random characters, this is a warning signal.
- Domain nameCheck the domain name. Phishers often use domains that mimic legitimate domains by adding or omitting letters (e.g. `microsoftt.com` or `micorsoft.com`).
Step 3: Examine the "Received" lines
These are crucial for understanding the path of the email. Typically, the last "Received" line at the top shows the origin. Pay attention to:
- Original IP addressUse online tools to look up the IP address. If it comes from a suspicious location, be careful.
- ConsistencyIn a legitimate email, the domain names in the "Received" lines should logically relate to the sender or their email service. Any discrepancies could indicate a forged email.
Step 4: Check the "Return path"
This should match the sender's e-mail address in the "From" field. A different return path is a clear indication of a phishing attempt.
Step 5: Look at the "X" headers
Headers such as `X-Mailer`, `X-Originating-IP` or `X-Sender` provide information about the software used to send the email and the original IP address. Unusual values or email clients or IP addresses that do not match the alleged location of the sender are suspicious.
Step 6: Check links in the "Message ID"
The 'Message ID' should have a domain name that matches the sender's e-mail domain. A discrepancy may indicate a phishing attempt.
Step 7: Be careful with attachments
If the header analysis arouses suspicion, be extremely careful when opening attachments or clicking on links in the email, as these could contain malware or lead you to phishing sites.
Step 8: Use SPF, DKIM and DMARC data
These fields are used for e-mail authentication:
- SPF (Sender Policy Framework)Validates the IP address of the sender.
- DKIM (DomainKeys Identified Mail)Ensures that the content of the e-mail has not been manipulated.
- DMARC (Domain-based Message Authentication, Reporting & Conformance)Uses SPF and DKIM to verify authenticity.
Conclusion
Practicing these header inspection techniques regularly will improve your ability to recognize phishing emails. Always verify suspicious emails by contacting the sender through official channels. Remember, it's better to be cautious when dealing with emails that appear suspicious in any way. By staying vigilant and informed, you can significantly reduce your risk of falling victim to phishing attacks.
More blog posts
Finally quiet on the phone?
Finally silence on the phone The phone rings. Nothing unusual. Actually, it should ring much earlier. Finally (!), you think, jump up, run and pick up the receiver. At the other end, there's a short silence and then, unfortunately, it's not the voices that greet you...
We are only a small club
Data protection in the association, "What should happen, we are only a small association? The sentence is easily pronounced, but could ultimately cost the entire club head and neck. Not that in about a warning from the authority is pronounced or...
The secret of understandable data protection, to whom does it apply?!
The secret of comprehensible data protection In view of new rules in data protection, a number of questions are currently being raised. This is causing a great deal of uncertainty among those responsible. Who it affects companies, self-employed and also associations that are in the...
Use e-mails in a DSGVO-compliant manner
State-of-the-art technology Creating and processing e-mails in a data protection-compliant manner is now essential. Currently, e-mails and their content are transport-encrypted (TLS) from the e-mail sender (client) to an e-mail recipient (client) via an e-mail server (server)....
Data protection breach with e-mail use
Data protection violation with e-mail use based on case examples 1st case CC instead of BCC If you send an e-mail to several recipients and the recipients can see each other (CC and not BCC), this would be the case with e-mails that cannot be found publicly with first and...
Don't delay. As of May 2018, many companies need a data protection officer
The EU General Data Protection Regulation (EU GDPR) applies from 25.05.2018. The new EU regulation brings uniform data protection law throughout the EU. In addition to requirements familiar from German law, there are also many innovations. Companies must be prepared for...