In an attempt to detect phishing emails, first, hover your mouse pointer over the name in the “From” column. Doing so, you will come to know whether it is the original domain name linked to the sender name; if it is not, then it could be a phishing email. For example, an email from Gmail.com should probably display it’s “From” domain as “gmail.com.”
Check to see if the email provides a URL and prompts the user to click on it. If so, ensure that the link is legitimate by hovering the mouse pointer over it (to display the same as the URL to be clicked on) and ensure it uses encryption (https://). To be on the safe side, always open a new window and visit the site directly instead of clicking on the link provided in the email.
Do not provide any kind of information on the suspicious website, as it will likely link directly or direct content to the attacker.
Few other symptoms of a phishing email:
- Seem to be from a bank, company, or social networking site and have a generic greeting
- Seem to form a person listed in your email address book
- Gives a sense of urgency or a veiled threat
- May contain grammatical/spelling mistakes
- Includes links to spoofed websites
- May contain offers that seem to be too good to believe
- Includes official-looking logos and other information taken from legitimate websites
- May contain a malicious attachment
The Netcraft Toolbar provides updated information about the site’s users visit regularly and blocks dangerous sites. The toolbar provides you with a wealth of information about the sites you visit. This information will help you make an informed choice about the integrity of those sites.
* Protect your savings from Phishing attacks
* Observes the hosting location and risk rating of every website visited (as well as other information)
* Helps in defending the Internet community from fraudsters
* Checks if a website supports Perfect Forward Secrecy (PFS)
* Observes if a website is affected by the aftermath of the Heartbleed vulnerability
PhishTank is a collaborative clearinghouse for data and information about phishing on the Internet. It provides an open API for developers and researchers to integrate anti-phishing data into their applications.