Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsOff topic"Wall chart" for identifying spam/phishing
cazique

8 posts

Wannabe Geek


#310541 30-Oct-2023 16:09
Send private message

I'm trying to educate a few older friends and relatives how to recognise spam/phishing emails, but I fear they are not getting the message. Are there any good printable charts that I can stick on their wall? I've found a few such images online but I don't think they're very good, frankly. I'm trying to find a simple chart that emphasises warning signs like:

 

1. The email fails to greet you by name (generic salutation like "Dear User")

 

2. Return email address is gibberish.

 

3. Email tries to make you click on a URL that is obviously fake.

 

4. Bad spelling/grammar.

 

5. Blurry images/logos.

 

Thanks for any tips.

View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2
nzkc
1572 posts

Uber Geek


  #3153758 30-Oct-2023 16:32
Send private message

Email tries to make you click on a URL that is obviously fake.

 

This is probably the biggest clue. I think you'll need to show people how to spot this though - its not as simple as looking at what is in the email. You need to check  the actual URL the link will go to.

 

A couple of things to look out for is:

 

  • You do not recognise the sender/caller
  • You are not expecting a package (lots of spam/phishing done this way these days)
  • You do not need to give anyone remote access to your PC. Ever.
  • If it feels suspicious, do nothing until you've checked with someone else



zocster
1983 posts

Uber Geek

ID Verified
Trusted
Lifetime subscriber

  #3153759 30-Oct-2023 16:34
Send private message

Could possibly customise this




 

Andy Ghozali
Geekzone Member

Logo		 E: andy@ghozali.ru
M: +64 21 395 458
A: Andy's Business Services, 231 High St, Christchurch 8011, NZ
www.andy.mobifacebook icon linkedin icon instagram icon 

SirHumphreyAppleby
2849 posts

Uber Geek


  #3153764 30-Oct-2023 16:57
Send private message

I would add...

 

  • DKIM/SPF checks fail or give warnings. It's unfortunate that most clients don't make this information available to you, but GMail at least does if you select the "Show Original" option.
  • Use of internationalised domain names.
  • Return-path is from a different domain (related to SPF). Note, this is different from the reply-to address.



cazique

8 posts

Wannabe Geek


  #3153765 30-Oct-2023 17:05
Send private message

SirHumphreyAppleby:

 

I would add...

 

  • DKIM/SPF checks fail or give warnings. It's unfortunate that most clients don't make this information available to you, but GMail at least does if you select the "Show Original" option.
  • Use of internationalised domain names.
  • Return-path is from a different domain (related to SPF). Note, this is different from the reply-to address.

 

 

 

I'm trying to educate older people who only have a basic understanding of the Internet. They won't understand jargon like checking DKIM/SPF (heck, even I'm not familiar with those abbreviations). They probably would understand that an email purporting to be from PayPal should have a return email address like Paypal.com, not a gibberish return address like dlgeldfd [at] fsdgljgfg.com. I think a chart with the 5 points I mentioned above would identify spam/phishing in most cases.

gehenna
8520 posts

Uber Geek

Moderator
Trusted
Lifetime subscriber

  #3153766 30-Oct-2023 17:06
Send private message

Contact Netsafe and see what educational resources they have. 

cazique

8 posts

Wannabe Geek


  #3153767 30-Oct-2023 17:08
Send private message

nzkc:

 

Email tries to make you click on a URL that is obviously fake.

 

This is probably the biggest clue. I think you'll need to show people how to spot this though - its not as simple as looking at what is in the email. You need to check  the actual URL the link will go to.

 

 

I can explain "Hover your mouse pointer over the link and you'll get a pop-up showing you the URL", yes.

 

 

tweake
2393 posts

Uber Geek


  #3153770 30-Oct-2023 17:28
Send private message

nzkc:

 

Email tries to make you click on a URL that is obviously fake.

 

This is probably the biggest clue. I think you'll need to show people how to spot this though - its not as simple as looking at what is in the email. You need to check  the actual URL the link will go to.

 

 

its common for people to miss the subtle difference in the link. something as simple as a .co.nz when the correct one is actually .com.

 

 

 

the other BIG problem with nz is not the users but the businesses. eg boss had an email saying "you missed payment, please click link". obvious spam, but no it was actually legit from a major nz company (and i think that i was actually from the bank).

 

my simple advice, is do not use the links in the email. use your normal links.

 

 

 
 
 
 

Trade NZ and US shares and funds with Sharesies (affiliate link).
fearandloathing
504 posts

Ultimate Geek

ID Verified
Lifetime subscriber

  #3153771 30-Oct-2023 17:29
Send private message

There’s a good summary here and a nice chart.

https://cofense.com/knowledge-center/signs-of-a-phishing-email/ 

SaltyNZ
8235 posts

Uber Geek

Trusted
2degrees
Lifetime subscriber

  #3153774 30-Oct-2023 18:13
Send private message

nzkc:

 

Email tries to make you click on a URL that is obviously fake.

 

This is probably the biggest clue. I think you'll need to show people how to spot this though - its not as simple as looking at what is in the email. You need to check  the actual URL the link will go to.

 

 

 

 

Yes, but it's also very difficult for most people to discern. There's a flood of crap coming through at the moment with URLs that all have "2degrees" somewhere in the URL. (I won't give examples for obvious reasons). How could a bad guy possibly have "2degrees" in the URL? It must be real!




iPad Pro 11" + iPhone 15 Pro Max + 2degrees 4tw!

 

These comments are my own and do not represent the opinions of 2degrees.

gehenna
8520 posts

Uber Geek

Moderator
Trusted
Lifetime subscriber

  #3153777 30-Oct-2023 18:33
Send private message

Probably a good starting point is to assume no communication you receive is legitimate, and work your way up from there.

alasta
6707 posts

Uber Geek

Trusted
Subscriber

  #3153781 30-Oct-2023 18:55
Send private message

gehenna:

 

Probably a good starting point is to assume no communication you receive is legitimate, and work your way up from there.

 

 

This.

 

Honestly, training non-technical people to spot scams these days is really hard. I frequently get spammy looking emails at work that I report to the IT department as scams and they turn out to be legitimate emails from our (admittedly strange) systems. 

 

The best approach is to give them a simple procedure that they can apply consistently regardless of whether they suspect something is a scam. e.g.

 

  • If you bank calls you then insist that you will call them back on their published number then immediately hang up.
  • If you receive an email from Waka Kotahi then go directly to their web site and renew your car registration that way.
  • If you receive an email or instant message from a family member asking for money then call them to discuss it, or contact another family member.
  • etc. 

Eva888
2447 posts

Uber Geek

Lifetime subscriber

  #3153784 30-Oct-2023 19:07
Send private message

Another one to watch out for that I received purportedly from Google, very legit looking telling me my storage was full and to click the link for a one time offer of X$. I checked the address url and sure enough it was a fake.

It made my heart drop when first opened and thinking damn, maybe I should take the great deal offered. I can imagine many would have fallen for it.

quickymart
13970 posts

Uber Geek

ID Verified

  #3153788 30-Oct-2023 19:31
Send private message

alasta:

 

  • If you receive an email or instant message from a family member asking for money then call them to discuss it, or contact another family member.

 

Had this as well, a family member's Facebook account was compromised. They asked me to send them money via Messenger. Tried calling but they didn't answer. I said "I don't believe it's you", they said "its me lol". I pointed out if it was them they would answer the call...and they blocked me.

 

I reported this to Facebook and the account was disabled (as it should have been!).

alasta
6707 posts

Uber Geek

Trusted
Subscriber

  #3153796 30-Oct-2023 20:23
Send private message

quickymart:

 

Had this as well, a family member's Facebook account was compromised. They asked me to send them money via Messenger. Tried calling but they didn't answer. I said "I don't believe it's you", they said "its me lol". I pointed out if it was them they would answer the call...and they blocked me.

 

I reported this to Facebook and the account was disabled (as it should have been!).

 

 

This is one of the reasons why I stopped using social media and instant messaging. The nuisance emails that I get tend to be generic mass mailed material whereas, at least anecdotally, scams over social media seem to be a bit more sinister in the way that they are personally targeted. Honestly, I would rather that my elderly parents didn't use these services. 

ANglEAUT
2327 posts

Uber Geek

Trusted
Lifetime subscriber

  #3153819 30-Oct-2023 21:52
Send private message

cazique: ... I've found a few such images online but I don't think they're very good, frankly. I'm trying to find a simple chart that emphasises warning signs like: ...

 

Take your pick

 

 




Please keep this GZ community vibrant by contributing in a constructive & respectful manner.

 1 | 2
View this topic in a long page with up to 500 replies per page Create new topic





News and reviews »

Air New Zealand Starts AI adoption with OpenAI
Posted 24-Jul-2025 16:00

eero Pro 7 Review
Posted 23-Jul-2025 12:07

BeeStation Plus Review
Posted 21-Jul-2025 14:21

eero Unveils New Wi-Fi 7 Products in New Zealand
Posted 21-Jul-2025 00:01

WiZ Introduces HDMI Sync Box and other Light Devices
Posted 20-Jul-2025 17:32

RedShield Enhances DDoS and Bot Attack Protection
Posted 20-Jul-2025 17:26

Seagate Ships 30TB Drives
Posted 17-Jul-2025 11:24

Oclean AirPump A10 Water Flosser Review
Posted 13-Jul-2025 11:05

Samsung Galaxy Z Fold7: Raising the Bar for Smartphones
Posted 10-Jul-2025 02:01

Samsung Galaxy Z Flip7 Brings New Edge-To-Edge FlexWindow
Posted 10-Jul-2025 02:01

Epson Launches New AM-C550Z WorkForce Enterprise printer
Posted 9-Jul-2025 18:22

Samsung Releases Smart Monitor M9
Posted 9-Jul-2025 17:46

Nearly Half of Older Kiwis Still Write their Passwords on Paper
Posted 9-Jul-2025 08:42

D-Link 4G+ Cat6 Wi-Fi 6 DWR-933M Mobile Hotspot Review
Posted 1-Jul-2025 11:34

Oppo A5 Series Launches With New Levels of Durability
Posted 30-Jun-2025 10:15








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.







RSS feeds
Main feed
Forums feed
Copyright
©2002-2025 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Affiliate links
Samsung
AliExpress
Wise
Sharesies
GoodSync
Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright