KLC Consulting’s FREE Phishing Training-01 Video. This 4+ minute video, the first in our FREE cybersecurity training series, demonstrates a “real world” phishing email currently in wide circulation around the internet, and shows how to identify and distinguish phishing attacks from legitimate emails.
A Real Phishing Email Example
What you are seeing is a real phishing email. It’s coming from DHL, from DHL admin. “A parcel was sent to you by one of our clients. Our courier agent was unable to deliver the package to you due to an incorrect delivery address. Please confirm the below address.”
Check who the sender is
There is a web link for the “From” address, it’s coming from DHL customer care. Ok let’s take a look: First thing we want to do is to find out if the email is coming from a legitimate sender. We’re looking at DHL admin let’s take a look and see where this email is coming from.
What we do is move our mouse over to the sender, there’s a drop down. On some mail systems you might click on it but on this one (mine) I have a drop down on the link. It says it’s from Hazel@elwood.ml.
We already know this is a phishing email
This is not what we’re expecting. We’re expecting a DHL domain name it should be coming from DHL but it’s coming fromHazel@elwood.ml. By looking at this we can already conclude it is a phishing email.
What’s the domain name of the sender?
However let’s check the confirm address link to see where it wants to take us to. We do this by hovering our moving over the link. DO NOT CLICK ON IT! A pop up will show us the web link address. It’s taking us to DFLHOST.com which is not what we are expecting. By looking at this we can also conclude very quickly this is a phishing email.
Other details to check
Any attachments?
There are no attachments
Does the email sound urgent?
This sounds pretty urgent because it says the courier agent was unable to deliver the package and they want us to click on the address confirmation button.
Does the email use poor English and grammar?
This one looks ok
Is there a signature with contact information on the bottom?
There’s no email signature, it only says the DHL Express Team. There is no contact information, no address or phone number for DHL Express Team. Usually if this is a legitimate email they will include that information on the at the end of the email.
Is your name as the recipient identified?
Okay so this is missing the email address of the recipient in the name. It’s only addressed to “recipient” which is a bit weird.
In Conclusion
So by looking at these we can conclude this email is a phishing email. We hope you find this Phishing Training-01 Video helpful. We will see you next time to go through another phishing email example. Thank you!
For helpful additional information please check out our related video that shows how to secure your home office network.
We provide flexible and affordable CMMC and NIST 800-171 compliance solutions.
Thank you for watching and visiting our website!