The best defense against phishing attacks is to block fake emails before they reach your inbox by using a spam filter. But unfortunately, some phishing emails will make it to the inbox even with protection.
Here are 5 tips on how to identify phishing or fake emails:
Sender’s Email Address
The first question you should be asking yourself is does the email address look fishy. For example, let’s say you get an email saying it is from Your Bank, but the email address is strange. The address is YourBank@hotmail.com. That should be a red flag. The sender’s email, especially from a bank, should not be using a public account, like Hotmail, Gmail, Yahoo, etc.
Hackers use fake sites to steal your information. Watch to make sure the URL is actually the one you want to be going to. How do you find that out? If you’re on a computer, hover your mouse over the link to see a preview of the link in the status bar. The status bar is located at on the bottom left-hand corner.
URL you want to click on should be taking you to Target.com. If you hover over the URL and see target.com.123.nl in the status bar, you should not follow that link.
Legitimate banks and most other companies will never ask for personal credentials, like PINs and card information, via email. You should be suspicious of all emails and websites requesting your Social Security number, identification number, or any other sensitive information.
Does the email in question use your name? Illegitimate and fake emails will often address the receiver as a “valued customer” or “to whomever this may concern”.
Also, if you name is spelt incorrectly proceed with caution. Remember if this email is real that person or company should have your correct information on file.
Real businesses are serious about email. Legitimate messages usually do not have major spelling mistakes or poor grammar. Read your emails carefully, if something seems off, don’t click on anything.
Don’t be afraid to hit delete.
If you get an email from an unfamiliar sender, don’t be afraid to hit the delete button instead of opening it. After all, if any legitimate person or business needs to contact you about something urgent, they would have your phone number, right? It’s okay to just say no to opening suspicious looking emails.
And don’t forget about using your phone to check for authenticity. Going back to that bank example, you could call your bank to see if the email request is legitimate. The bank will be able to let you know either way.
If you truly do not know whether an email is real or fake, ask an expert. If your company is partnered with IT service provider, a simple call over to your IT help desk can save you a whole lot of headache.