Phishing is one of the most common methods of cyber crime, but despite how much we think we know about scam emails, people still frequently fall victim. Phishing emails are designed to look like legitimate messages from actual banks, businesses, and other organizations. In reality, though, scammers created the message usually in an effort to steal your money, identity, or both. They want you to click links that will take you to a website that looks authentic but is really just there to capture your credit card or other personal information or perhaps to distribute malware.
Here are some ways to spot phishing emails, and what you can do to protect yourself:
1. The email has improper spelling or grammar
Always double check the subject line. and the URL for common spelling mistakes.
2. The hyperlinked URL is different from the one shown
The hypertext link in a phishing email may include the name of a legitimate bank. But when you hover the mouse over the link (without clicking it), you may discover in a small pop-up window that the actual URL differs from the one displayed and doesn’t contain the bank’s name.
3. The email urges you to take immediate action
A common trick with phishing email tries to trick you into clicking a link by claiming that your account has been closed or put on hold, or that there’s been fraudulent activity requiring your immediate attention.
4. The email requests for personal information
Usually banks and other legitimate businesses don’t ask their customers for personal information via email. If you have a checking account, your bank already knows your account information.
5. The email says you’ve won a contest you haven’t entered
A common phishing scam is to send an email informing people they’ve won a lottery or some other prize. All they have to do is click the link and enter their personal information online.
6. The email asks you to make a donation
There has been situations where scammers often send out phishing emails inviting people to donate to a worthy cause after a natural or other tragedy. If you’d like to make a donation to a charity, do so by visiting their website directly.
7. The email includes suspicious attachments
It would be highly unusual for a legitimate organization to send you an email with an attachment, unless it’s a document you’ve requested beforehand. As always, if you receive an email that looks in any way suspicious, never click to download the attachment, as it could be malware.
8. The email sends you a “refund”
There has been situations where people have received emails or texts from financial institutions requesting their banking information to receive a refund.
In the last few months, attacks are getting more personalized and tricky to detect. You may even find your personal information in the subject line. Make sure both you and your employees understand these specific email phishing examples and all of the signs of a phishing attempt.