Phishing is a serious problem on today’s Internet even with phishing protections in email clients, web browsers and security software in place.
The main reason for that, even if you run programs with phishing protection, is that these usually only protect you from known phishing threats
So, unless a phishing site has been identified by the maintainers of said databases, you are not warned when you open such a site in your browser of choice.
There is a window of opportunity for attackers to take advantage of that fact.
The Phishing Flow Chart
Internet users therefore need to know about phishing and how to identify phishing emails so that they don’t become a victim of an attack.
While that may sound like an easy thing to do if you are an Internet veteran or simply interested in security, it is not as trivial as it sounds for less tech-savvy users who have little to no experience when it comes to computer systems and security specifically.
The Login Helper blog has created a phishing flow chart that outlines the process of analyzing an email to determine if it is a phishing email or not.
The flow chart addresses the three biggest email dangers: Attachments, links and social engineering. The chart has been color coded for easier recognition of safe and dangerous elements in emails. All red elements in the flow chart are considered dangerous while blue elements are considered safe.
The chart furthermore provides basic suggestions on how to react when possible dangerous elements are encountered, for attachments it is to save them locally and check them with a service like Virus total online. That is better than opening them right away and hoping that the resident antivirus solution, if one is installed, catches any attack that gets carried out in the process.
Following the chart leads either to a safe or dangerous rating for the email that you analyze using it.
You can print out the chart if you want, or just memorize it. It is really not that complicated to go through. Just follow it from the very top to find out if an email is safe or a possibly malicious.