What does grammar have to do with Cyber Security?

By Kevin De Snayer

Over the years, anyone with an email account has inevitably received emails that can only be described as "questionable" at best: the grammar, style, and even formatting can at times be borderline laughable. For instance, the famed and still poorly written Nigerian Prince email is to this day very much alive and circulating worldwide. And, shocking as it is, with all of its shortcomings it still brings in hundreds of millions of dollars a year, all from a poorly written email scam.

So why the bad grammar to begin with? The reality is that many of these scams originate far outside North America, in Eastern Europe, Africa, Asia, Central and South America, and elsewhere, and the English is often the product of crude translation by people writing in a second language. To add to the mix, many of these email templates are shared on the dark web among countless cyber criminals and criminal organizations, so the same awkward wording gets reused again and again.

But then, of course, the question becomes: what happens when the messaging gets better? As of late, like many things in technology, the wording of these nefarious emails is evolving. With even the most basic grammar-checking tools now freely available, attackers can polish a clumsy translation into something that reads as legitimate, and the old "bad English" tell quietly disappears.

To make things worse, adjacent business opportunities have grown up around the criminal email market. People and organizations (if you can call them that) now offer communications and translation services to scammers. And like their legitimate counterparts, these services provide in-depth writing, editing, grammar checking, and so on, all meant to make the criminals appear far more professional.

So what are people to do? If grammar was once the first tell-tale sign that an email may be fraudulent, then other factors must now be taken into consideration. My suggestion is simple: become a detective. Not only is it worth your while to learn the different types of email scams and what to look for, it can, although this may sound strange to some, be somewhat fun to do. And though perhaps that is just something coming from the guys who do this for a living, identifying a scam before it happens to you is a rewarding feeling.

First, look at the actual email address, not just the display name shown as the sender. Email addresses can be spoofed too, but the address is a good place to at least start. If an "official" email claims to come from a person or company but is sent from a public mailbox provider such as Gmail, Outlook.com, Hotmail, Yahoo, and the like, treat it as fraudulent. Report it and hit delete.

Also, look for little things such as the misspelling or misrepresentation of the domain. Here is a common one: using the letters "rn" to resemble the letter "m." At a quick glance many may never notice, but what looks like microsoft.com may in fact be a fake "rnicrosoft.com," leading the recipient to click a phishing link or open a malicious attachment. Digit-for-letter swaps such as "0" for "o" and "1" for "l" work the same way.
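The two address checks above (a brand name on a public mailbox provider, and a look-alike domain such as "rnicrosoft.com") can be automated. The following is an added example written for this article, not code from the author; the provider list, brand list, and confusable-character table are constructed for illustration and would be replaced with your own in practice. It only inspects the From: header, so it does not catch a spoofed address that uses the real domain; that needs SPF/DKIM/DMARC validation on the receiving mail server.

```python
"""Flag suspicious From: headers using the two tells described above.

Added example for this article (not the author's code). The lists below
are constructed for illustration only.
"""
from email.utils import parseaddr

# Constructed: public mailbox providers that no company uses for "official" mail.
PUBLIC_MAIL_DOMAINS = {"gmail.com", "outlook.com", "hotmail.com", "yahoo.com", "live.com"}

# Constructed: brands we want to protect against look-alike domains.
PROTECTED_BRANDS = {"microsoft.com", "paypal.com"}

# Constructed: character sequences that look alike at a glance. Each entry maps
# the look-alike sequence to the character it imitates, e.g. "rn" -> "m".
CONFUSABLES = {"rn": "m", "vv": "w", "cl": "d", "0": "o", "1": "l", "\u0131": "i"}


def normalize(domain):
    """Collapse look-alike sequences so an imitation compares equal to the brand."""
    d = domain.lower().rstrip(".")
    for fake, real in CONFUSABLES.items():
        d = d.replace(fake, real)
    return d


def sender_domain(from_header):
    """Return the domain of the real address, ignoring the display name."""
    _, addr = parseaddr(from_header)
    if "@" not in addr:
        return ""
    return addr.rsplit("@", 1)[1].lower().rstrip(".")


def is_brand_domain(domain, brand):
    """True if domain is the brand's own domain or a subdomain of it."""
    return domain == brand or domain.endswith("." + brand)


def check_sender(from_header):
    """Return a list of reasons the sender looks suspicious (empty if none)."""
    name, addr = parseaddr(from_header)
    domain = sender_domain(from_header)
    if not domain:
        return ["no parseable address"]
    reasons = []

    # Tell 1: the display name or local part claims a brand, but the address
    # itself is at a public mailbox provider.
    local_part = addr.rsplit("@", 1)[0]
    claimed = (name + " " + local_part).lower()
    if domain in PUBLIC_MAIL_DOMAINS:
        for brand in PROTECTED_BRANDS:
            brand_word = brand.split(".")[0]
            if brand_word in claimed:
                reasons.append(
                    f"claims to be {brand_word} but is sent from public provider {domain}"
                )

    # Tell 2: the domain is not the brand's, but after collapsing confusable
    # characters it reads exactly like the brand (or a subdomain of it).
    for brand in PROTECTED_BRANDS:
        if is_brand_domain(domain, brand):
            continue  # the genuine domain, nothing to flag
        if is_brand_domain(normalize(domain), normalize(brand)):
            reasons.append(f"{domain} imitates {brand}")

    return reasons


if __name__ == "__main__":
    # Constructed sample headers, one per tell plus two legitimate ones.
    for header in [
        '"Microsoft Support" <support@gmail.com>',
        "Microsoft Account Team <noreply@rnicrosoft.com>",
        "PayPal <service@paypa1.com>",
        "Microsoft <noreply@mail.microsoft.com>",
        "A Friend <someone@gmail.com>",
    ]:
        print(f"{header!r}: {check_sender(header) or 'ok'}")
```

The normalization is deliberately crude: it replaces confusable sequences in both the candidate and the brand, so a brand whose real name contains "rn" still compares consistently. It will not catch every homoglyph (Unicode confusables run to thousands of entries), which is why it is a triage signal for a human detective rather than a verdict.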

And then, of course, there is the questionable attachment scenario: usually something labeled as a purchase order, invoice, or similar, paired with a message stating that "immediate action is required." Urgency is the lever; if you were not expecting the document, confirm with the supposed sender through a channel you already trust before opening it.

Your best defense is education. Read as much as you can about email scams: what trends others are seeing right now, what language they use, the grammar, the domains, and more. Chances are that you already know most of these tells; the trick is to recognize when once-glaring scams have become not-so-glaring as they evolve. In short, the scams will never stop, but the good news is that you can at least stop them in their tracks.