Recently we have received an increase in customer concerns about emails that did not look right. So we decided to address some of these issues for those of you who might want a little more information for that added peace of mind on how to spot email phishing scams.
How to Spot Email Phishing Scams
Emails have long been used as a resource for phishing scams and can often be indistinguishable from legitimate emails. The sophistication of such attacks has improved over the years, making it even harder to identify before unwillingly revealing valuable information to hackers. Here are some methods you can use to help identify such scams.
- Look for spelling and grammatical errors
Most official business emails are sent through a spell-check feature and are written using professional dialogue.
- Inconsistencies in links & email addresses
This is usually the quickest and most reliable way to spot a phishing scam right away. A business will never send an email that does not contain their official and accurate email address or web URLs. And alternatively, a scammer would almost never be able to send an email through a web server they did not have official access to. If you’re on a computer, we recommend hovering your mouse over the link to investigate the source of the links. If it contains anything suspicious or unrelated to the company it claims to be from, it’s probably a scam. If you’re on a phone or mobile device, we suggest waiting to open this email until you’re able to get to a PC where you can investigate the email closer. If in doubt, always call the company the email is said to be from to verify the authenticity but never click the link until you are 100% sure. Most companies are aware of the increase in scams and will make every attempt to ensure they provide trustworthy links and verifiable information and will usually never request personal information to be provided through unreliable means.
- Suspicious attachments are often a dead giveaway.
If you receive an email that contains an attachment you’re not expecting, it’s always wise to examine it carefully before opening it. Most virus scanners will usually flag such attachments, depending on which email client you use but in the event that it doesn’t, pay close attention to the type of file you have been sent. Look at the file extension of any files you receive via email. Some common file extensions these attachments will come with include .exe, .scr, .zip, etc…
- Unusual or suspicious requests
Due to the nature of these emails, their goal is usually to acquire valuable information or actions from you that will help them acquire access to such information. This can come in many forms, ranging from requests for you to install programs or patches onto your computer or device to website links that take you to misleading websites that request your login credentials or other personal details. This is where checking the links is crucial.
- Check the intended recipient or sender
If you’re like many of us, you might have multiple email addresses. Check to see that the email address and/or names the email was received on, does in fact match up with the details used for the account they claim they are writing about. Alternatively, some emails appear to come from you. These types often claim to have sensitive information on you that they will use against you if you do not comply with their requests.