In today’s digital landscape, phishing attacks have become increasingly sophisticated, posing significant threats to businesses of all sizes. As a business owner, recognizing these deceptive emails is crucial for protecting your sensitive information, financial assets, and reputation.
The Growing Threat of Phishing
Phishing emails attempt to trick recipients into revealing confidential information, transferring funds, or installing malware. According to the IBM Security Cost of a Data Breach Report, these scams cost businesses billions annually, with the average data breach costing small businesses approximately $200,000—enough to permanently close many operations.
Red Flags in the Example Email
Let’s analyze the example phishing email that appears to be from GoDaddy:
1. Suspicious Sender Details
- The sender address (contact@verdebluefestival.com) doesn’t match the organization it claims to be from (GoDaddy)
- The strange “yddaDoG” text in the subject line is a red flag
2. Urgency and Threats
- The threatening tone about services being “completely discontinued within 48 hours”
- Creating a false sense of urgency to pressure you into immediate action
3. Unusual Payment Amount
- The suspiciously low amount ($6.90) for a domain renewal
- Scammers often use small amounts hoping they’ll go unnoticed or seem less suspicious
4. Questionable Contact Information
- The UK phone number (0207 558 2055) is suspicious for what appears to be a US-based company
- Official communications typically direct you to regional support channels
5. Poor Grammar and Formatting
- The awkward phrasing “in the event of non-payment or ignorance”
- Inconsistent spacing and formatting throughout the email
How to Check Email Headers to Verify the True Sender
Email headers contain crucial information that can help you identify phishing emails. They reveal the actual path the email took to reach your inbox, often exposing scammers trying to hide behind fake display names.
How to View Email Headers:
In Gmail:
- Open the suspicious email
- Click the three dots (more options) in the top-right corner
- Select “Show original”
- A new tab will open with the complete email headers
In Outlook:
- Open the email
- Click “File” > “Properties”
- The email headers appear in the “Internet headers” box
In Apple Mail:
- Open the email
- Click “View” > “Message” > “All Headers”
What to Look For in the Headers:
1. The “Return-Path” and “From” fields:
These should match the organization’s legitimate domain. In our example, a legitimate GoDaddy email would have a return path containing “@godaddy.com,” not “@verdebluefestival.com.”
2. Check the “Received:” lines:
These show the servers the email passed through. Each mail server adds its own “Received:” line at the top of the headers, so the topmost entry is the last hop before your inbox and the bottom-most entry is the originating server. Work backward from the top to trace the email’s journey. If the originating server doesn’t match the claimed sender’s domain, it’s likely fraudulent.
3. SPF, DKIM, and DMARC authentication:
Look for “pass” results for all three authentication methods; a legitimate GoDaddy message would show results like the ones below, whereas a “fail” (or a missing result) is a strong indicator of spoofing:
Authentication-Results: spf=pass (sender IP is 216.71.152.153)
smtp.mailfrom=godaddy.com; dkim=pass (signature was verified)
header.d=godaddy.com; dmarc=pass action=none header.from=godaddy.com;
4. Examine the Message-ID:
This unique identifier usually contains the sender’s domain. A mismatch is suspicious.
5. Check IP addresses:
Use a WHOIS lookup tool to identify who owns the originating IP addresses found in the “Received:” lines. Check whether they belong to the claimed organization or are located in unexpected geographic regions.
In our example, if the headers revealed that the email originated from servers in a country where GoDaddy doesn’t operate, or from unrelated domains, this would confirm it’s a phishing attempt.
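As an added example (not code from the original article), the following Python script applies the five header checks above to a constructed raw message that mimics the GoDaddy-lookalike email; the relay names, IP addresses and Message-ID in the sample are invented for illustration.

```python
import email
import re
from email import policy
from email.utils import parseaddr

# Constructed sample modelled on the email discussed above; relay names, IPs and Message-ID are invented.
SAMPLE_RAW = """\
Return-Path: <contact@verdebluefestival.com>
Received: from relay.example.net (relay.example.net [203.0.113.7])
\tby mx.smallbiz.example (Postfix) with ESMTPS id ABC123
Received: from unknown (HELO verdebluefestival.com) [198.51.100.23]
\tby relay.example.net with SMTP
Authentication-Results: mx.smallbiz.example; spf=fail smtp.mailfrom=verdebluefestival.com;
\tdkim=none; dmarc=fail header.from=godaddy.com
From: "GoDaddy Billing" <contact@verdebluefestival.com>
Message-ID: <20240101.abc@verdebluefestival.com>

Your services will be completely discontinued within 48 hours.
"""

def _domain(value):
    """Domain part of 'Name <user@host>' or '<id@host>', lowercased ('' if absent)."""
    return parseaddr(" ".join(str(value or "").split()))[1].rpartition("@")[2].lower()

def analyze_headers(raw, claimed_domain):
    """Run the five header checks described above; returns findings plus IPs for WHOIS."""
    msg = email.message_from_string(raw, policy=policy.default)
    claimed, findings = claimed_domain.lower(), []
    # 1. From and Return-Path should both belong to the claimed organization.
    for name in ("From", "Return-Path"):
        dom = _domain(msg[name])
        if dom != claimed:
            findings.append(f"{name} domain {dom!r} is not {claimed!r}")
    # 2. Each hop prepends a Received: line, so the last one is the originating server.
    hops = [" ".join(str(h).split()) for h in msg.get_all("Received", [])]
    if hops and claimed not in hops[-1].lower():
        findings.append(f"originating hop does not mention {claimed!r}: {hops[-1]}")
    # 3. SPF, DKIM and DMARC should all report 'pass'.
    auth = " ".join(str(msg["Authentication-Results"] or "").split())
    for method, result in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", auth, re.I):
        if result.lower() != "pass":
            findings.append(f"{method.lower()}={result.lower()}")
    # 4. The Message-ID normally carries the sending domain as well.
    mid = _domain(msg["Message-ID"])
    if mid and mid != claimed:
        findings.append(f"Message-ID domain {mid!r} is not {claimed!r}")
    # 5. Collect the IPs seen in Received: lines for a manual WHOIS lookup.
    ips = sorted({ip for h in hops for ip in re.findall(r"\d{1,3}(?:\.\d{1,3}){3}", h)})
    return {"suspicious": bool(findings), "findings": findings, "ips": ips}
```

Running `analyze_headers(SAMPLE_RAW, "godaddy.com")` flags seven problems for the sample (mismatched From, Return-Path and Message-ID domains, an unrelated originating hop, and failed SPF, DKIM and DMARC), while a message whose headers all line up with the claimed domain returns an empty findings list.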
Common Phishing Tactics to Watch For
- Impersonation of trusted entities: Scammers frequently pose as banks, service providers, or colleagues.
- Misleading links: Hover over links before clicking—the actual URL often reveals the scam.
- Requests for sensitive information: Legitimate businesses rarely ask for passwords or financial details via email.
- Unexpected attachments: These can contain malware designed to infiltrate your systems.
- Domain spoofing: Carefully check email domains—subtle misspellings like “godaddy-billing.com” instead of “godaddy.com” are common.
Protecting Your Business
Implement These Safeguards:
- Establish verification protocols: Create procedures for confirming financial requests, especially those received via email.
- Use multi-factor authentication: This adds an extra layer of security to accounts, significantly reducing the risk of unauthorized access.
- Educate your team: Regular training sessions help employees recognize and appropriately respond to phishing emails in business settings.
- Verify through official channels: When in doubt about a communication, contact the company directly using their official website or phone numbers—never use the contact details provided in the suspicious email.
- Invest in security software: Email filtering systems can catch many phishing attempts before they reach your inbox.
Our Microsoft 365 Business and Google Workspace Business services include advanced security features to help protect your organization from phishing attacks and other email-based threats.
Email Security Best Practices for Business
In addition to identifying suspicious emails, implementing robust email security practices can significantly reduce your vulnerability to phishing attacks:
- Enable SPF, DKIM, and DMARC: These authentication protocols help prevent email spoofing and protect your domain from being impersonated. According to DMARC.org, implementing these protocols can block millions of fraudulent emails daily.
- Use email encryption: Encrypt sensitive information that needs to be sent via email to ensure it can only be read by the intended recipient.
- Implement content filtering: Configure your email security solutions to scan for suspicious content patterns commonly used in phishing emails.
- Create a reporting system: Make it easy for employees to report suspicious emails to your IT team for investigation.
What to Do If You Receive a Suspicious Email
- Don’t click any links or download attachments
- Report the email to your IT department or security team
- Forward the email to the legitimate company’s fraud department
- Delete the email from your inbox
- If you’ve clicked a link or provided information, change affected passwords immediately and monitor accounts for suspicious activity
The Federal Trade Commission recommends forwarding suspicious emails to reportphishing@apwg.org and to the organization being impersonated.
Conclusion
As phishing tactics continue to evolve, staying vigilant is your best defense. By familiarizing yourself with common scam indicators, checking email headers when suspicious, and implementing proper security measures, you can significantly reduce your business’s vulnerability to these costly attacks.
Remember: legitimate companies will never pressure you for immediate payment via email, especially with threats of service discontinuation. When in doubt, always verify through official channels before taking action.
Need help securing your business email systems against phishing attempts? Contact us today to learn how our email security solutions can protect your organization.