The Spam Test

By David Tucker, Published Monday, 11th January 2021

Scammers have become increasingly competent over the years which has made spotting malicious emails more difficult. Whilst It is still the case that the grammar and general sentence structure tend to be poor, this has reduced as foreign attackers have got more proficient and translation tools have improved.

Often spammers will use reformatted genuine emails from major companies like Microsoft or Paypal which makes them look very professional and even more difficult to spot. Luckily, there is one very easy way to tell if the email is genuine, and that would be via the weblinks contained therein.

The main aim of Spam emails is to redirect you to a dodgy website – when you visit the site it will either run some code to install Malware on to your machine – or it will present a login screen which hoovers up your credentials after you’ve logged in. In order to do this the Hyperlinks need to look genuine (which is quite easy to achieve) but ultimately the code behind the link cannot be hidden and this is how we can spot Spam. Let’s look at some Paypal examples:

Genuine Link: https://www.paypal.com/

Genuine Link: Please click here to go to Paypal

Dodgy link: www.Paypal.com

Dodgy Link: Please click here to go to Paypal

The key to spotting the spam is to hover your mouse arrow over the link which reveals its destination. The first genuine link above has text which matches the link destination which is the simplest form of link. The next genuine link shows a more common text based approach still pointing to the Paypal site. The first dodgy link text shows the correct site we want to visit, but as you can see when you hover over it, the destination is Google. The second Dodgy link is the trickiest to spot as it seems genuine at a glance, but as you can see there are 2 ‘p’s in the address.

There are many other forms that links will take, but the key point is that when you hover over them they will always show you the true destination, irrespective of what the text says or the logo looks like.

Some businesses do have strange names and you will potentially get emails from people who you haven’t dealt with before – so how do you know if their hyperlinks are genuine? In that case we can turn to free online link scanners like this one here: https://sitecheck.sucuri.net/

In order to use these the first step is to copy the relevant link using your right-click menu – this allows you to get the link on to your clipboard without clicking on it. Then you can simply paste the link into the site above and decide on its validity by checking the results.

These are good practices to use with emails across all platforms, but when used in conjunction with an anti-spam software solution such as Mimecast or Microsoft Defender for Office 365 your security is increased further still as these software packages often use machine learning and AI in conjunction with more traditional threat detection techniques.

Ultimately if you aren’t sure if something is malicious then it is probably best to delete it – or ask Datcom for help!
David Tucker

By David Tucker

David Tucker is an Infrastructure Monitoring Engineer at Datcom. He has over 15 years of experience in managing and maintaining network infrastructure and systems.

Contact

Get in touch

Call us on 0333 000 3210 or Email us solutions@datcom.co.uk

Latest news...

Router vs Firewall

Many businesses nowadays require users to access resources remotely. That could mean a remote-access VPN for users in the field, a website hosted on a server within the network, or a remote desktop solution for people working from home. All of these systems are a potential target for attackers. Upgrading your standard issue ISP router will greatly improve your security.

Read More