
How to Catch a Phishing Email

Phishing remains one of the most common types of cybercrime, according to CERT NZ. Cybercriminals took advantage of New Zealand, with phishing and credential harvesting reports increasing 26% from Q2 2023, as reported by CERT NZ.

As cyber criminals get more savvy in the art of deception, these emails are getting harder to recognise. They are no longer desperate requests for money or a plea from an offshore prince. They are simple messages with a simple objective – to get you to click or respond.

Email is a key channel that cyber criminals can use to compromise your or your employer’s sensitive data - and bank account. It’s time for us to treat it as such by analysing every email received to catch phishing attempts. With practice, it will become second nature.

Here are a few tips to follow to take back our inboxes:

Check who it's from

Be wary of an email if:

  • It’s new to the inbox party – not someone you normally communicate with
  • It’s not related to your normal job responsibilities
  • The from address is the name of someone in your organisation but something looks off such as the format or the domain (@Sharp.support.co.nz vs. @Sharp-support.com)

Check the 'To' field

Suspect an email that:

  • You were cc'd on and you don't know the other people it was sent to;
  • Has you as part of a group that you’ve never seen before or that doesn’t apply to your job, e.g. you are in sales but the group name in the To field is “HR-Benefits” or “Sharp-Finance”;
  • Is sent to a random assortment of people at your company, for instance a group that has last names that start with the same letter.

Check the date field

If Bob sent you an email at 4:00 am, and you know he’s not a morning person, it could be a phishing email.

Check the subject line

Subject line indicators of a phishing email would be:

  • It sounds strange or doesn’t match what you’d usually read from this person;
  • It does not match the message content;
  • It’s a RE: to an email that you never sent or requested;
  • It’s something unrelated to your job function.

Examine the message before clicking any links

The email is probably spam if:

  • The sender is asking you to click a link or open an attachment to find out more information;
  • The email body has terrible grammar and spelling errors;
  • The email body contains almost no information, and they are trying to bait you to respond;
  • The sender is asking you for sensitive personal information that you were not expecting.

Inspect the hyperlinks

The email is most likely phishing if:

  • You hover your mouse over the link in the email and it shows a different website;
  • The body of the email is mostly the hyperlink or only a hyperlink;
  • The hyperlink is a misspelling of a well-known website like www.bankofnewzealand.co.nz instead of www.bnz.co.nz.

Inspect attachments before opening

After examining the above aspects of the email, think about the attachment.

  • If you weren’t expecting the attachment or it doesn’t make sense, do not open it;
  • If it’s a weird filetype, do not open it.

The most common types of malicious files attached to phishing emails are:

  • Script files (.wsf)
  • Windows executables (.exe)
  • Office documents (.docx/.xlsx/.pptx)
  • PDF documents (.pdf), followed by compressed archives (.ZIP, etc.) and batch files.
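
The sender, hyperlink and attachment checks above can also be run automatically when triaging reported mail. The following is an added example, not part of the original article: ORG_DOMAIN, COLLEAGUES, the flag names and the sample message are constructed assumptions, and .bat is assumed as the extension for the batch files in the list.

```python
from email.message import EmailMessage
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

ORG_DOMAIN = "sharp.example"   # assumption: the organisation's real mail domain
COLLEAGUES = {"bob smith"}     # assumption: display names of known staff
LISTED_TYPES = (".wsf", ".exe", ".docx", ".xlsx", ".pptx", ".pdf", ".zip", ".bat")

class LinkCollector(HTMLParser):  # collects (href, visible text) for each <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host(url):  # lowercased hostname of a URL or of bare "www.site.tld" text
    return (urlparse(url if "//" in url else "//" + url).hostname or "").lower()

def red_flags(msg):
    """Return the names of the red flags found in an EmailMessage."""
    flags = []
    name, addr = parseaddr(str(msg.get("From", "")))
    if name.lower() in COLLEAGUES and addr.rpartition("@")[2].lower() != ORG_DOMAIN:
        flags.append("colleague-name-wrong-domain")
    body = msg.get_body(preferencelist=("html",))
    collector = LinkCollector()
    collector.feed(body.get_content() if body else "")
    for href, text in collector.links:  # compare only text that looks like a URL
        if "." in text and " " not in text and host(text) != host(href):
            flags.append("link-text-differs-from-target")
    for part in msg.iter_attachments():
        if (part.get_filename() or "").lower().endswith(LISTED_TYPES):
            flags.append("listed-attachment-type")
    return flags

def sample_message():  # constructed sample, not a real phishing email
    msg = EmailMessage()
    msg["From"] = "Bob Smith <bob@sharp-example.test>"
    msg.set_content('<a href="https://login.bank-example.test/">www.bank.example</a>', subtype="html")
    msg.add_attachment(b"constructed", maintype="application", subtype="octet-stream", filename="invoice.wsf")
    return msg
```

A message that raises any of these flags is a candidate for the manual checks in this article, not proof of phishing: legitimate mail also carries Office and PDF attachments.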

While we can’t stop hackers from using phishing to gain access to our systems, we can make sure that our organisations and staff are well-informed and practiced in the art of catching a phishing email.

Always be on alert, especially if you receive an email that you are not expecting. Never reply to suspect emails; instead, report them to your IT department if the email shows even one of the above warning signs. Download a printable sheet of these red flags for your desk as a reminder.