Published on August 31, 2017
There are various types of phishing emails, but they often contain recurring patterns that are easy to spot if you know where to look. Here are some tips to identify fraudulent emails:
Some scammers provide links that resemble the name and website of well-known companies. You can check the real web address the links are pointing to by hovering your mouse over the link, and checking if the displayed URL shows a different web address that is unrelated to the company they are impersonating. If it is a site you typically use, like your bank, sign in on your browser the usual way and compare with the URL they use. It is also a good practice to verify if the link starts with https because that means all communications between your browser and the website are encrypted (but don’t assume that just because the link contains https it is genuine).
Tip: Don’t click on links or open attachments in emails. If an email says you need to see your bank statement, for example, don’t click on the link in the email. Instead, open your browser and go to your bank’s website directly.
Established businesses usually address the recipients by their full name. If the greeting is something vague such as “Dear User” or “Dear Sir/Ma’am”, the message may not be from a trusted source.
Tip: Contact the company or institution that the suspicious email claims to be from to confirm the authenticity of an email.
Keep an eye out for grammar and spelling errors. Cybercriminals are known for making grammar mistakes and having typos in their messages.
Tip: Poorly written and multiple grammar and spelling mistakes are red flags that the message might be a scam. However, don't assume that just because it's a well-written email that it is from a legitimate source.
Some scam emails threaten that your account will be closed if you don’t “verify your identity” by clicking on a link, downloading an attachment or providing your personal information.
Tip: Don’t download attachments or provide passwords and sensitive information. No legitimate organization should be requesting this information from you if they initiated the contact.
You should be alerted if they promise money, especially for little or no effort. Easy money is one of the common methods to persuade email users to click on a link or disclose personal banking information.
Tip: Routinely review your accounts and credit card statements for any unusual activities, or charges that you don't recognize. This way you can ensure there has been no unauthorized access to your account.
If you have been a victim of online fraud, you should immediately change your passwords and PINs on the affected accounts and report the incident to the corresponding institution.
Although fraudulent emails deceive individuals into revealing confidential and personal information, you can be one step ahead by paying attention to email contents, practicing caution and increasing your security. When you notice any signs that the message might be a scam, don’t reveal any important information and confirm the authenticity of the email. Keep in mind that not all fraudulent emails follow these rules, so flawless grammar and convincing URLs do not necessarily mean they are not fraudulent emails. You should always practice caution while communicating with email because dangerous phishing emails appear almost indistinguishably legitimate.
If you have fallen victim to fraudulent emails, report the incident and take appropriate steps to restore your security.