Email phishing is a type of cyber attack where attackers use email to trick people into revealing sensitive information, such as login credentials or financial data. Here are some common email phishing tactics used by attackers:
1. Deceptive Sender: Attackers often use a deceptive sender name or email address to make the email appear legitimate. For example, they may use a domain name that looks similar to a trusted organisation, or a display name that is similar to someone the recipient knows.
2. Urgent or Threatening Language: Attackers may use urgent or threatening language in the email to create a sense of urgency and pressure the recipient into taking action. For example, they may claim that the recipient's account is at risk of being closed, or that they will face legal consequences if they do not respond immediately.
3. Suspicious Attachments or Links: Attackers may include suspicious attachments or links in the email, which, when clicked, can download malware or take the recipient to a fake login page where their credentials can be stolen.
4. Request for Personal Information: Attackers may request personal information, such as login credentials or financial data, in the email.
5. Impersonation of Authority Figures: Attackers may impersonate authority figures, such as a CEO, a bank representative, or a government official, to gain the trust of the recipient and convince them to take action.
To protect against email phishing, it is important to be cautious and suspicious of any email that asks for personal information or contains suspicious attachments or links. Check the sender's email address and domain name, and verify the authenticity of the email before clicking on any links or providing any information. Additionally, it's important to educate employees on email phishing tactics and implement email security measures such as anti-phishing filters and spam blockers.