Common Email Scams: Phishing Emails

How to Recognize and Avoid Phishing Emails

Phishing is another common cybersecurity attack that is typically done through email, phone calls, or text messages. The criminals usually pose as trusted persons or entities to lure recipients into giving out sensitive information like bank account details, login credentials, etc. Keep reading to learn more about phishing emails, how to identify it, and avoiding being a victim.

Phishing Emails As A Threat

Phishing is a social engineering attack that aims to trick individuals into clicking malicious links, installing malware, and giving out credentials. The emails or messages are designed to look like actual emails from a trusted company, even containing their logo and branding style. Once they get a hold of passwords or accounts, they can steal money, make unauthorized purchases, or steal your identity. They send out thousands of attacks every day and they often succeed.

How to Identify A Phishing Email

Scammers stay up to date with the latest trends and keep up with the news. They often send you an email telling a story and then asking you to visit a website or click a button. Their most common tactic involves messages that require urgent action, like noticing a suspicious activity or log-in attempt in your accounts or that some problem has occurred with certain payments. Sometimes they send you a fake invoice to scare you even more. 

Here are other signs that you might be dealing with a phishing email:

Too Good to Be True Offers

Beware of shiny flashy offers that are designed to catch attention. For example, an email that claims that you have won the lottery, an iPhone, or something expensive. If you don’t remember signing up for a contest, in this situation, you are probably the prize.

Misspelled Hyperlinks

Even if the link looks legitimate, always be cautious before clicking it. It’s easy to add another link to a text, which means you could also get easily redirected to a malicious website. Hover over a link to see the actual URL and check for misspelled domains, such as the letter “m” replaced with “rn” or “nn”.

Unexpected Attachments

Any attachments you’re not expecting should not be opened, especially if they are .zip files. They could contain viruses that may harm your computer. A .txt file would be safe, but other types of files are potentially harmful. 

Unusual Sender

Don’t trust any email from any unknown sender, especially those with suspicious emails. If you’re not expecting any new contact, it’s probably best not to open these messages. Our Safe Preview feature allows you to check messages before they are analyzed. Learn more here. 

Requesting Personal Information

The most obvious signs of a phishing email would be one that asks for your personal information, like login credentials, passwords, etc. If you get redirected to a login page, don’t enter your details. The safer option is to type out the real website URL and use that instead.

How to Stop Phishing Emails

Now that you know what kind of emails could be phishing attacks, you can become better at protecting yourself by doing the following:

  • Avoid clicking links from unknown emails
  • Beware of pop-up windows
  • Don’t give out personal information
  • Don’t get swayed by emotional lures
  • Stay updated with the latest phishing tactics
  • Keep track of your online accounts
  • Update your browser regularly

When you receive a suspected phishing email, the first step is to not open the email. Report it to your company or organization and let the experts handle it. Always report a phishing attack, regardless of whether you think another person in your organization has already done it. It pays to be vigilant in order to keep your company’s network safe from cyberattacks.