Spot the Phish: Business Emails

Spot the Phishing Attempt - Cybersecurity Awareness

The images displayed below are a combination of phishing emails and real emails depicting potential business email compromise scenarios. Spot The Phish! Click on the images to zoom in.

 

Spoiler Alert: Answers are below.

Answer: Image 2 and Image 4 are the real ones. And the rest are phishes. Take a look below…

Image 1 details: The is an attempted phishing attack - the email asks for sensitive details of the employees to be sent to an external email address. Also, the sender tells the recipient not to “cc” him as by doing so the employee might send the email to the actual CEOs email address.

Tax Statement Request From CEO - Phishing Email Explained 1

 

Image 2 details: With every email that involves a call to action, there is bound to be a link to click or an attachment to open. In this case, it’s a link which passes our typical cybersecurity check. We’ve used an example company (Example, Inc.). In typical phishing emails, the link text is different from the mouse-over text. In this case that is not an issue. It looks like the email is taking you to the legitimate exampleinc.com domain.

Image 3 details: The sender is creating a sense of urgency to get the recipient to act quickly to send an international payment. This one is a phishing email.

Urgent International Payment from CEO Phishing Email Explained 3

Image 4 details: The only thing we can really analyze in this case is the link. The link is a gotomeeting.com link which is a popular webinar hosting site. Although we should always have our cybersecurity guard up, there’s nothing manipulated in the link and it looks legit.

ERMProtect's Weekly Newsletter

Get a curated briefing of the week's biggest cyber news every Friday.

Stop Phishing Attacks with ERMProtect's Security Awareness Training

Turn your employees into a human firewall with our innovative Security Awareness Training.

Our e-learning modules take the boring out of security training.

Intelligence and Insights

Biggest Cybersecurity Trends

The Biggest Cybersecurity Trends to Watch in 2023

As we begin a new year, here’s a look at some of the top security trends that are emerging now and could pick up pace in 2023 …
Cybersecurity Threats of 2022

The Biggest Cybersecurity Threats of 2022

Here’s a look at the biggest cybersecurity threats from 2022, and what organizations should pay close attention to in the coming year …
soc 2 auditor

Top 10 Tips for Choosing a SOC 2 Auditor

Choosing a SOC 2 auditor can seem like a complicated process, but keep in mind that the most important factor is picking someone who will be a valuable partner …