Back to blog posts

Protecting our community while online by TRaC Defence Limited

We have all had emails that are not from who they say they are or from a Nigerian Prince who wishes to share his millions with you if you click this link. But how can you be sure that an email is legitimate if it looks as though it relates to something you have or do. This post comes with a health warning, not all the techniques I am showing you will necessarily be the only things that identifies a Phishing email.

Phishing
What is a Phishing Email? An email pretending to be from somebody who it is not. With the aim of making the reader do something. Usually clicking on a link but sometimes can also need someone to make a phone call or reply to the email. The intent is normally to get credentials such as passwords and usernames or your bank details.

The Anatomy of a Phishing email

So what does a phishing email look like? Well it looks like the email below!

At first glance it looks like an email from McAfee. The reason for using this is that a lot of my clients have had a similar email about their Anti-Virus (Hint: we dont use McAfee). People are concerned about safety on the internet and most people know this is their first line of defence against viruses.

McAfee Phishing outlined

Oooo, well this is good; McAfee are warning me that my Anti-Virus is expired and that I am now vulnerable to viruses. It also looks real with nice art and layout.

But is this real? Here are the tell tell signs it’s not real:

  • I don’t have McAfee! But what if I don’t know?
  • Bad grammar or spelling is a real sign of a fake email. Companies like McAfee, will have a meticulous approach before emails go out and generally this would be picked up.
  • In the main heading McAfee is spelt ‘Mccafee’, which is wrong.
  • In the main heading ‘expiiired’ has 3 i’s.
  • It’s subtle but your protection ‘Has expired on’ rather than just ‘expired on’.
  • McAfee wouldn’t use scare tactics to get you to buy their products; e.g we blocked 5 virus (note ‘Virus’ and not Viruses).

Finally, the origin of the email itself; in my example the ‘from’ area just said slogorman. But by clicking on this you see that the email has come from ‘blackpoolzoo’. This definitely is not part of McAfee 🐆🦍🐘🦒!

What should I do about a Phishing email?

Do not click on anything within the email. Delete the email, followed by emptying your deleted items from your email account

Done, now go about your daily business.

I’ve clicked it! What do I do?

First thing don’t panic; we have all done it one time or another.

Have you got Anti-Virus installed? If you are running Windows, you should have at least Windows Defender running. If anything has occured, this should block known Malware or viruses. If it tried to download something you should have been notified. But if you didn’t we will check this next.

If you are running Windows 10 or 11 you will at a minimum have Windows Defender the Microsoft system to protect your computer. The page below helps you check if Windows Defender is on:

https://support.microsoft.com/en-us/windows/stay-protected-with-windows-security-2ae0363d-0ada-c064-8b56-6a39afb6a963

If it wasn’t, switch it on and then get Windows Defender to scan your computer:

https://support.microsoft.com/en-us/windows/virus-threat-protection-in-windows-security-1362f4cd-d71a-b52a-0b66-c2820032b65e

Avast logo

If you are running an Apple Mac and you haven’t got your system from us you may not have Anti-Virus. But that’s ok as you can download many free Anti-Virus products. We recomend Avast. Free AV (Click Here) Free Anti-Virus tends to only have basic Malware and Virus scanning, so we do recommend a paid for service as this also has wider web based security. See details and purchase Avast here. We can also support your device through life if you are concerned: contact us for more information

Avast Scan

Once you have the system installed on your Mac run a full scan. This is for Avast, but there will be a similar function for the Anti-Virus of your choice.

The Scan findings

If the scan doesn’t find anything, you should be ok. If it does it will auto quarantine and delete for you.

What should I do next?

We highly recommend you change the passwords to any websites you access from that computer. Especially social media like Facebook and Twitter etc. You can also change any bank account passwords, but these types of accounts use some form of two factor authentication where you input a password and something else to access, which provides further protection. If it uses parts of a word, e.g. please provide letter 1,5,7 change your memorable word also.

We recomend a strong password. Using three words with upper and lowercase and a number is good as it’s easier to remember. If you can’t do this get a friend or Carer to help you. e.g TheThreeLittleBears3.

safe online

If you have any concerns seek advice.

Visit to the National Cyber Security Center website for support

Adapt-IT takes Cyber Security very seriously to protect our customers and our business. This is why we have worked hard to achieve the following Certifications:

TRaC Defence is the sister company of Adapt-IT and is a specialist Cyber Security company that secures business’ and people against the Cyber Threat.

TRaC Defence has the following Certifications:

OUR COMMUNITY BLOG POSTS