How to Recognize and Avoid Phishing Emails
When clicked, phishing emails often download malware to a victim’s computer. The malware can do anything from logging keystrokes to taking over the system and stealing information.
Never email someone your personal or financial information. Refraining from clicking on links in dubious emails and texts is also a good idea.
Avoid Clicking on Links
You should avoid clicking on links in phishing emails for several reasons. For starters, if you click on a link and download an attachment, you can become infected with malware damaging your computer or stealing your personal information. Additionally, it would be best to refrain from accessing links requesting remote access to your computer.
Often, phishing emails need better grammar and misspellings. This is a good indication that the email is not legitimate. Another tip is to hover your cursor over the links to see the full address. This is easy to do on computers and laptops. Using a link, shortener can mask the URL and make it look like a string of indecipherable characters is also a good idea.
Sometimes, phishing emails can appear very convincing. For example, they might claim to be from a company you trust or mention something you have recently purchased. This makes people more likely to click on the links in the email and risk compromising their computer or information.
Look for a Link to a Secure Site
You’ll frequently receive emails asking for personal information from URLs that appear to be from your bank, credit card company, or mortgage lender. These links frequently take users to phony websites that seem just like the real ones and may even contain passwords. These details are vulnerable to theft by hackers, who may use them to access your accounts or infect your machine with malware.
Most reputable banks, credit card companies, employers, and insurance providers will never ask for your account information or passwords through email. If you need clarification, contact the company to verify that they need your information.
Many phishing attacks look very convincing, so you should always think before clicking a link. Changing your passwords periodically and keeping an eye on your banking activity and any other online accounts you have is also a good idea.
Look for the Sender’s Email Address
When you see an email in your inbox, a text in your phone, or a message in social media that piques your interest, you typically open it. Cyber scammers can use this human nature to steal your information and money from a friend, acquaintance, or someone you do business with.
They want account numbers, passwords, and Social Security numbers to raid your checking account or run up credit card charges in your name. In addition, they can damage your personal and professional reputation, which will take years to repair.
Cybercriminals employ various strategies to collect the needed data, but they all share one common denominator: impersonation. Attackers pretend to be a company their victim does business with, a government agency, or a trusted person such as a co-worker or family member. Some attackers are even more targeted, targeting high-level executives in organizations or known job recruiters. This type of phishing is called whaling.
Look for a URL That Starts With “https”
A URL is the unique address of a website or file on the internet. The first part of the URL tells what protocol to use (usually HTTPS or its unsecured version, HTTP), and the second part tells which server is being used. When looking at the URL on a browser, you should always check that the first part of the address starts with “https” before giving out any information.
Never open attachments or click on links in emails unless you are confident they are secure. This is especially true if the email comes from a company or organization you do business with. Most reputable companies will not send out messages asking for account or personal information via email, and those that should have a precise, verified customer service number or web page.
Hackers can also add fraudulent pop-ups to illegitimate websites that will alert you of an infection on your computer or ask for money for antivirus protection. Fortunately, most browsers have built-in mechanisms that help block these malicious messages. However, they can sometimes slip through the cracks, and it is good to practice common sense to avoid phishing attacks not blocked by your antivirus program.
Look for a URL That Contains a Hyphen
As a general rule, you should never provide personal information over the internet, no matter how legitimate it may seem. This includes email, website forms, text messages, and social media posts. Phishing scams can lead to real consequences, like theft of your personal information or even a credit card charge.
Luckily, there are red flags that can help you recognize phishing emails. These include odd grammar, spelling errors, and generic greetings. Another red flag is if the email asks you to change your account password or perform other online activities. Changing these settings can allow hackers to access your information or even take control of your computer, tablet, or smartphone.