Odfjell has experienced an increasing number of phishing attempts in the past weeks, including the severe cybersecurity breach reported by CEO Kristian Mørch in our last issue. While the targets of these phishing attempts have mostly been shore employees, it doesn't mean that you will be spared from these malicious attacks – so please stay alert!
Detect phishing emails by looking for these red flags:
- The domain name on the sender's name is different from the actual domain name on the email address
In the above example:
- Domain name on sender’s name: Microsoft Office
- Actual domain name on the email address is misspelled
- The email requires urgent action
Whether it is online banking, government service or a social media account, deactivation of accounts is originated by the user. In the event that the cancellation of the account is initiated by the service provider, they do not issue a final deadline of three minutes.
- Hovering the mouse pointer on the link in the email will reveal a completely different and suspicious link
In the above example, the email came from Twitter so the link to reset the password should go to https://twitter.com. Hovering the mouse pointer on the link displays a totally different link.
Other red flags
Like technology, phishing attempts have also evolved. They are no longer as obvious as before, and have started to look like legitimate emails from actual institutions.
Still, it is important to be reminded of the other phishing red flags that may no longer be as prevalent as before:
- Obvious grammar and spelling errors and other mistakes in writing
- Generic salutations, like ‘Dear user’ or ‘Dear account holder’
- Unbelievable freebies or promise of easy money
- Blatant request for money
