goes very fast: Look at
- Subject and
Check briefly and target-oriented:
- Do you know the sender?
- Is not only the displayed name correct, but also the real e-mail address?
- Do you expect an attachment (or link, see Phishing) from this sender?
- Does the subject make sense in connection with this sender?
This already allows you to drastically reduce the risks.
In combination, these checks already give a good indication of whether the mail is trustworthy. Many SPAM/phishing/fraud e-mails deliberately use vague and alarmingly worded subject lines, such as “Your invoice”, “Reminder”, “Your account has been blocked” or “Urgent message” often with “!!”. Always question whether such an e-mail from this sender makes sense, especially with attachments and links. And hand on heart, which of your communication partners uses exclamation marks in the concerning?
If you do not have an account with Bank XY or if the bank is not allowed to know your e-mail address, the case is already clear. The same applies to an “invoice” or even “reminder” from a store unknown to you or without you having ordered anything from the store.
If the checks of the three items sender, subject, attachment do not result in a coherent picture, we (and the German Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik, BSI)) recommend deleting the unopened mail.
If in doubt, ask the sender personally via another channel if he has sent this e-mail with this attachment before opening it – just give us a call