Suspicious Email Red Flags

Emails are inherently untrustworthy, and even if your own security is effective, vulnerability among others you communicate with still leave you at risk. Having said that, it is difficult to be thoroughly careful with every single message that you receive on a daily basis. The following are common red flags to help signal when extra caution is warranted:

  • Emails that in any way prompt you to to login or provide your password, especially notifications that your password has expired or prompts to click a link to reset your password.

  • Attached or linked invoices or agreements that you don’t expect. Particularly those which link to a document hosted at a service like OneNote, Docusign, Dropbox, etc.

  • Wiring instructions or bank account details. Always confirm changing bank details via an in-person conversation or phone call before acting on them.

  • Requests to update direct deposit banking information for payroll, or request sensitive information like copies of paystubs or W2s.

  • Executives or owners demanding that you urgently make purchases, send money, or provide sensitive information like tax documents or financials.

  • Unexpected emails that imply some sense of urgency to respond, to the effect of “you must respond within __ hours or else”.

  • Emails that contain .zip attachments or attachments which require a password to open.

  • Strange or unusual wording, grammar, or phrasing.

  • Images of QR codes or anything else the email asks you to scan with your phone or other devices.

Always pay special attention to warnings or safety tips added to the top of the message by your email security protections. Attackers are increasingly sophisticated and put a lot of effort into understanding how email protection systems work, and how to bypass them. Even messages that deliver to your inbox could still be dangerous. When in doubt, pause and confirm the message by phone call or text to a known valid number, speak with the sender in person, or forward to NorthSky for review.

Additionally, please be mindful of the fact that if your password is compromised, your multi-factor authentication is your last line of defense. Never approve an MFA prompt that you do not expect and recognize with 100% certainty and never provide an MFA code to a 3rd party. If ever in doubt, ask NorthSky.