Phishing emails are no longer exclusively sent by Nigerian princes needing financial assistance. Scammers are now tech-savvy criminals who leverage state-of-the-art tools to con their victims. But it’s not like they’re the only ones with an arsenal of tools to pull from.
Most phishing emails will send you attached files and links or try to send you to a website. How do you know if these files, links, and websites are secure?
One way to find out is to run them through VirusTotal’s malware scanner. When run through the free VirusTotal detection, 70+ antivirus scanners and URL/domain blocklisting services will analyze your file, link, or website.
Once run through the scanner, you’ll be provided results from the antivirus scanners, indicating whether the link, file, or domain you input is deemed to be clean or some form of malware. For example, this VirusTotal scan for 17ebook.com shows that several sites consider this malicious, malware, or phishing, so you should probably avoid it.
Before clicking on a link that takes you to an unknown website, be sure to run it through a website scanner like CheckPhish. CheckPhish scans suspect websites to identify if they are malicious. After you scan a website, you’ll be notified if it is clean, suspicious, or a known threat. You will also learn information such as where the IP address is located, the hosting provider, certificate details, related URLS, and its history of phishing.
CheckPhish will also alert you if the URL in question is a typosquatting website. A typosquatting website is one that imitates a legitimate website but is designed with nefarious intentions. These websites are often a character or two different from popular websites. Once they are accessed, you may have no idea you’re on the wrong site, as this imitator domain resembles the website you were trying to access.
urlscan.io is exclusively used to analyze websites for malware. After the scan, you’ll receive a verdict indicating whether the site is safe or unsafe or if a verdict cannot be determined. You’ll also be provided a screenshot of the website, DNS and IP records, and the platform hosting the website.
Regardless of your email client, it will most likely filter scams, spam, and junk email. But that doesn’t necessarily mean downloading a spam blocker like Mailwasher is unnecessary. Cybersecurity specialists believe in a concept called defense in depth, which means that multiple layers of security create a robust digital defense. Using Mailwasher alongside the built-in spam filter used by your email client will only increase your security.
Mailwasher can detect spam, phishing emails, viruses, and even unwanted newsletters and emails. It is not a browser plug-in that can run in the background as you open your mail client. Instead, you must connect your email to MailWasher and run the program to inspect emails. If you’re suspicious of an email, you can preview it without opening it. If the program has judged an email to be malicious, you can delete it from the program itself.
Scammers may have evolved over recent years, but they’re not the only ones who can leverage the latest tools to their advantage.
