As Phishing Attempts Rise, Remember Email Best Practices

Rackspace security teams are constantly monitoring the cyber threat landscape. Recently, we’ve observed an uptick in phishing emails fraudulently seeking credentials or redirecting end users to potentially malicious content.  

As a reminder here are some best practices when evaluating potentially malicious emails.  

Phishing emails vary by sender, subject, graphical appearance and exploitative methods.  Typically, they involve attempts to evoke fear, panic or curiosity to encourage interaction with email content. 

Frequently, these emails appear to direct recipients to a legitimate web location. In reality, the links redirect the user to destinations designed to steal credentials or deliver malware. 

Given that all of us will likely encounter phishing and malicious email activity at some point, implementing a strong operational security culture, and critically interpreting email should become standard practice among organizations of every size.  

Below are some best practices: 

  • Ensure that the sender email domain is the valid domain for the organization attempting to contact you. You should not receive business emails from personal accounts. Most  organizations will utilize support accounts or specific representatives as authorized senders.  
  • Read the content of the email critically. Look for unusual requests and double check the spelling in the message header and footer.  If you’re familiar with the email formatting for a particular organization, note that as well. 
  • Check all hyperlinks by hovering over them before clicking to ensure they’re legitimate. 
  • If you aren’t expecting an attachment, or it looks odd, don’t open it. Instead, call or contact the sender by an alternative method to confirm its legitimacy. 
  • If you doubt the authenticity of any communication, do not be afraid to contact the sender for confirmation. 

In summary, examine emails with care, do not utilize email to navigate to web locations, and do not be afraid to ask for confirmation from the declared sender organization.  

If you ever have questions about whether an email that appears to originate from Rackspace is legitimate, please don’t hesitate to contact your support team.  

Christina Galligan (CISSP, GCIA, CEH, GCTI) leads the Customer Security Operations Center and Information Security Operations Center. She is the strategic designer and implementer of multiple security capabilities for Rackspace, including red teaming and adversary simulation, cyber threat intelligence support to operations, and a vulnerability assessment capability in the Customer Security Operations Center.

LEAVE A REPLY

Please enter your comment!
Please enter your name here