Again, running a website is similar to running a garden: Not everything that grows and thrives there is also useful and desirable. Here, as there, it is important that you can distinguish between useful and harmful content.
Phishing e-mails are an extremely annoying and dangerous network growth that you - especially if you run a website - have certainly already had in your mailbox.
They usually suggest an urgent need for action and ask you to click on links contained in the e-mail. However, if you do so, you may already have been taken in.
Such links can call up scripts in the network that have been specially set up by the sender of the mail in order to install malware such as viruses, Trojans, spambots or similar on your computer.
If such sites are visited with a vulnerable computer without effective virus protection, there is a risk of damage: Data can be lost. The cost of restoring a clean system may be high. The other, no less risky variant is an alleged login form accessible via the link, in which you are supposed to enter credit card data or access data from an online bank, web space or telephone provider or similar in order to log in for some alleged purpose.
Usernames, passwords, PINs and TANs that are entered there go directly to the authors of the mail and enable them to misuse the data. The possible consequences are easy to imagine.
Such emails can also contain file attachments such as alleged invoice or reminder documents, which should never, really never, be opened before checking their authenticity. They can also contain malware that can spread to your computer when opened.
To avoid such consequences, it is essential to be able to reliably identify phishing emails as such: often not so easy at first glance.
But don't worry: There are a handful of criteria that are quite certain to unmask a phishing e-mail.
Provider / Offer
If you receive a message threatening you with imminent disaster regarding your PayPal account or your Netflix account, for example, but you use the relevant service Not booked at all then the matter is closed for you - no matter how convincingly the e-mail is faked. So first check: Is it even possible that the facts described concern me?
Subject
Phishing emails usually suggest particular urgency in the subject line: "Last reminder", "Last message before your services are discontinued", "Urgent change to your account", "Important security update".
Threats of dunning or debt collection proceedings are worrying, but they are also an indication of a probable forgery. Even the most postage-sparing provider will resort to letter post instead of sending an e-mail if legal action is to be taken.
The following should always apply: Keep calm! The more urgent the alleged need for action, the more carefully you should check.
A request for action by e-mail with severe consequences if it is not completed within one day is likely to be simply excluded be.
Content / Language
Even if the counterfeits are getting better and better in terms of appearance, the Language used often conspicuous. Your own sense of language provides important clues here. Awkward formulations, grammatical errors and sentences that seem poorly translated into German indicate forgery.
Referral targets
They are the surest criterion that something is wrong with the message: The actual addresses of the links contained in the message.
If you place the mouse pointer in the e-mail program or webmailer - WITHOUT CLICKING - on the links contained, the link target is displayed somewhere, usually at the bottom of the window, depending on the software. If there is a Address that differs from the visible link text that has nothing to do with the alleged provider, the case is clear: fake, hands off!
One of the links displayed in a recent alleged e-mail from the provider Strato reads:
https://www.strato.de/manager/billing/history/debt/all/pay
However, the actual referral target
https://zahlung.strato.de.brunosalvador.it/
At first glance, you might think of a Strato address, but: The *last* part of the character string between the double slash "//" of a URL and the end or the first single slash, in this case "it", is the top-level domain. The part before it, i.e. "brunosalvador", is the decisive domain name. Only these two parts designate the linked server - "brunosalvador.it". Everything to the left of it can be ignored in this context. So this address has nothing whatsoever to do with Strato. The message is fake.
Another example: DKB Bank - the link actually points to a completely different server under an Italian top-level domain.
Web research
A web search can dispel any last doubts. The Enter the subject in a search engine often provides clear results. The hits usually include entries from relevant portals that deal with spam warnings or messages from the service providers themselves that warn of phishing emails distributed in their name.
What to do?
If you have recognized an incoming message as a phishing e-mail without a doubt, you can basically ignore and delete. If you still have doubts after the above checks, simply contact the provider, depending on the occasion, to check any existing Confirm need for action to leave.
If you are sure that you have discovered a phishing e-mail, you can also Report to the alleged provider. Many providers have dedicated e-mail addresses or web forms for so-called abuse reports.