Accounting for Law
Legal Suppliers

Simple ways to scan any email to keep yourself from being a victim

By Ryan Duquette

Check the TIPC: Timing/Intent/Person/Content

If you are anything like me, you are overwhelmed with emails each and every day. It is getting challenging to often determine which emails are real, and which may be phishing for our information. There are four easy aspects to any email that you can practically scan within seconds to determine if the email is real or fake.

Before opening an email - and especially before opening any attachments or clicking links contained in the email - take a closer look and think about these four aspects: 

  • Timing: Is the timing of the email correct? Are you expecting an invoice from someone, a document from someone, a file from someone? If not then be a little suspicious.
  • Intent: What is the intent of the email? If it’s trying to get you to do any of the following then you should be a little cautious:
  1. Enter your PII.
  2. Open/click on an attachment.
  3. Click on a link to a web page.
  • Person (from): There are a couple of things to watch relative to who the email is from.
  1. Does the “From:” name match the name in the body of the email? If all you see is a name in the “From:” section then, depending on your email program, there are various methods to see the full email address so you can, for example, look for spelling mistakes in business names (e.g. John.Smith@feddex.com).
  2. Does the email have a signature? Often whaling attacks are disguised as an email coming from a CEO’s mobile device that often do not have official company signatures attached to the name.
  • Person (to): Now look at the “To:” section of the email.
  1. Is it addressed to only you and others you know? If there are other email addresses in this section you do not know, it may be a spam email.
  2. Is the body of the email personalized (i.e. not just the typical “Dear Customer”)? This does not always mean the email will not contain malware, but it can dramatically cut down on your risk of falling for a general phishing attempt.
  • Content: Are there spelling mistakes or grammatical errors in the email? Does the content of the email make sense? Would a CFO of a company be emailing you a receipt? Would your CEO be emailing you asking for a money transfer to be made?

After time and practice, you will be able to scan any email for these four things within seconds. If any of these four areas appear off (your "spidey-sense" is tingling), then take a sip of coffee, slow down a little, and take a few extra steps to make sure you are not victimized. 

Read More at Hexigent Consulting Blog

To Read More Hexigent Consulting Posts Click Here
Lawyer Directory
BridgePoint Financial Services (post to 5.31.19)Toronto Lawyers Association (post to 6.30.19)MKD International (post until Sept. 30/18)Feldstein Family Law (post until May 31/19)Greystones Health Stancer Gossin Rose Lawrence ForstnerLeanne Townsend