Even if you aren’t familiar with the term “phishing” there’s a very good chance you’ve received phishing emails in your personal or work email. Phishing is the term used for emails sent by cybercriminals with the goal of tricking you into handing over sensitive information.
The best way to avoid falling into a phishing email trap is to recognize them for what they are and ignore them. But this is not always as easy as it sounds. Fraudulent emails can be cleverly disguised to look like they come from a legitimate source, such as a financial institution, a major online retailer, or even your own email server.
What does a phishing email look like?
There are certain emails you should always be immediately wary of. They include emails that seek to impose a sense of urgency through an alarming message. Typical messages may go something like this:
- “We have detected fraudulent activity on your account…”
- “We have been unable to verify your information…”
- “Your account may be closed if you do not take immediate action…”
If you ever receive any emails such as those described above or similar, no matter how legitimate they may look and sound in appearance, then take the time to look for the following so you can positively identify a phishing email.
Here are 5 ways to spot a phishing email:
1. The email asks for personal information
No reputable business, retailer, or financial institution will ask you to provide any sensitive details in an email. If they do, it is an immediate red flag that this email is not what it appears to be.
2. Look for spelling and grammar errors
While this doesn’t apply to all phishing emails, many are often riddled with spelling or grammatical errors.
3. A lack of information
If the email appears to come from a legitimate company but doesn’t address you by name, it may be a phishing email. Additionally, a general lack of information or vague and confusing content is also a red flag.
4. Links to a fake URL
Many phishing emails instruct you to visit the website and enter your account information through the link provided in the email. In phishing emails, the website is actually a cleverly designed fake. Hover your cursor over the link–if the URL has a misspelling in the company name, does not have the HTTPS at the beginning of the link indicating a secure website, or appears to have an extensively long URL, it is likely a phishing email.
5. Instructs you to call a number
Some phishing emails ask for you to call a number and provide information rather than enter it online. Never call the number provided in an email unless you are 100% certain it is the company’s true contact phone number.
If you ever uncertain about an email, open another browser tab and type in the company’s URL to visit the site that the email appears to come from, instead of clicking on any links in the email. Then you can be assured that you are visiting the official site and not a fake.