Title	Make sure email message is phishing
ID	RA2204
Description	Make sure that an email message is a phishing attack
Author	@atc_project
Creation Date	2019/01/31
Category	Email
Stage	RS0002: Identification
References	https://en.wikipedia.org/wiki/Phishing http://www.phishing.org/phishing-examples

Workflow

Check an email and its metadata for evidences of phishing attack:

• Impersonalisation attempts: sender is trying to identify himself as somebody he is not
• Suspicious askings or offers: download "invoice", click on link with something important etc
• Psychological manipulations: invoking a sense of urgency or fear is a common phishing tactic
• Spelling mistakes: legitimate messages usually don't have spelling mistakes or poor grammar

Explore references of the article to make yourself familiar with phishing attacks history and examples.