Cómo identificar y evitar el Phishing en correos electrónicos

How to identify and avoid Phishing in emails

Celia Catalán



Despite being one of the most common social engineering and cyberattack techniques in the Currently, phishing continues to be a strong entry vector for attack used by many cybercriminals. This technique aims to obtain fraudulently personal or business information of users through apparently reliable emails and web pages, where said users enter your data trusting in its legitimacy.

In a newsletter published by the National Institute of Cybersecurity Spain (INCIBE) regarding the Cybersecurity Balance of last year 2022, managed a total of 118,820 cybersecurity incidents, of which Almost 17,000 incidents (14% of the total) were caused by phishing. It is not surprising that with the constant digitalization of services and enormous amount of information that users manage on their devices, phishing figures will increase in 2023.

For all Therefore, it is essential that there is adequate knowledge of cybersecurity, or a series of guidelines to follow, which help identify and avoid being victims of this type of cyber attacks.

In Regarding the content of the email received, it is important identify characteristics that would be decisive for said email, such as are: sender who sends it, email address used (before of the @), domain of the email address (after the @) or footer signature. If the body of the email contains multiple spelling mistakes or requires An urgency or immediate response are warning signs.

Occasionally, There are files attached to the email in question. It is essential to distrust said documents, so it is necessary to avoid opening or executing them in a principle. To distinguish whether it is a legitimate file or not, recommends as a good practice to observe both the name of the document and its extension.

If he file has generic names such as “payrolls”, “invoices”, “documentation” or similar, is a first starting point to suspect. Normally when we receive attachments in an email, they usually include distinctive features that offer greater detail; as name of the company that sends it, subject of the document, or year or month that relates it.

The rush is never good counselors, if someone asks you for something by mail and presents a last-ditch situation time or rush you to access a link or do something, distrust and Call the petitioner on a phone number that you have saved for occasions previous ones, never to the one indicated in the email.

For another On the other hand, the key identification factor is the extension. If you expect to receive a file with a specific extension, you must make sure that the file attached is of that type. To do this, in addition to checking the icon that identifies, it is recommended to activate the display of extensions in the system to check, also Configure applications not to runmacros automatically. It is good practice to be especially cautious with files that request macros enablement must be discarded, as they may contain commands that spread virus or malware on the computer or network.

In the case of executable files, special care must be taken since they can contain scripts or install content on systems that contain code malicious. To do this, it is recommended to use antimalware or tools such as Virustotal, which allows you to analyze files downloaded to the computer before executing them.

Additionally, External links to pages may be included in the body of the email. web, which can be malicious. To avoid this, it is advisable to pay attention to the syntax of said link, and, furthermore, never click directly on it; but instead manually type the legitimate address into the browser. Of In this way, in addition to avoiding possible phishing, techniques such as typosquatting where characters or symbols are included in the link that They go unnoticed by the naked eye.

If requires additional confirmation of the link, tools such as unshorten.me which allows you to see a shortened message in your version extended.

In areas business, it is recommended to run simulated phishing campaigns with certain regularity with the aim of creating direct awareness in the template. The additional benefit of this practice is that it allows data to be taken statistics of the level of risk that exists in the company against cyber attacks of this type, and take appropriate measures based on said risk.

Finally, It is recommended to maintain systems with antivirus (especially with features of XDR) and applications updated to their latest version, and install antispam filters, as well as disable HTML email preview for email accounts. user that are considered critical.

Although that all these tips exponentially reduce the danger of falling in front of to this type of threats, it is essential to keep in mind that phishing it is becoming more and more refined; and that human error is always a factor take into account when using a tool so widespread and used at the level personal and business such as email.

Good practice tips To avoid falling for phishing:

1. Check the email (both address and domino).

2. Be wary of generic issues.

3. Do not have Hurry, if they rush you, be wary and check the situation described in the email.

4. Check the spelling and grammatical mistakes in the content of the email.

5. Yes no you are expecting a file in an email, do not open it.

6. If you receive attachments without review detailed description of the email.

7. Activates the display of extensions.

8. Check with your antivirus the attachments.

9. Do not run macros if you have full confidence in the attachment and in the sender.

10.   Do not click on links you see in a mail, there may be surprises, with shorteners it uses unshorten.me or tools similar.

11. In environment business, awareness and beam Simulated phishing campaigns.

12. Keep your updated antivirus.

If you need any Help with awareness tasks, have any questions or want to run campaigns of phishing in your company, do not hesitate to contact www.zerolynx.com, and above all: open your eyes wide!

Fco Javier Pérez Sánchez, Cybersecurity Consultant

return to blog

Leave a comment

Please note that comments must be approved before they are published.