In today's world, scam and phishing emails is an everyday occurrence. As time passes, cybercriminals become more sophisticated and can bypass previous detection methods. It's important to recognize the tell-tale signs to protect yourself. This article will review some of those, so you know what to look for and protect yourself.
Common "red flags" in a malicious email:
1. Generic Greetings: The email has a generic greeting such as "Sir/Ma'am" or sometimes "Dear account holder," "Dear member," or other non-name-specific greetings. Generally, a legitimate company will greet you by your name as they already know what it is. Sometimes they will skip the greeting or salutation altogether to look more legitimate. Ask yourself, is this how this person or company normally greets me?
2. Bad Grammar and Spelling: If an email has bad spelling or grammar, there's a much higher likelihood of a scam or illegitimate email. Most companies have marketing and writing teams with editors that will have multiple quality checks.
3. Claims of an account problem: Companies don't typically send an email to notify you of an issue with an account. This is even more so for banks and financial institutions. Always call the company directly and verify. Never use the phone number listed in an email. Check the back of your bank or credit cards. The real phone number will be listed if you receive a monthly paper statement. Otherwise, go directly to the business's website and get the phone number there.
4. Strange or unexpected attachments: The more time passes, the fewer people send files via email. It's much more common for people to share files via other tools like Google Drive, Dropbox, Airdrop, Sharepoint, etc. Even if the email appears to be from a known sender, if it's out of character for that person, give them a call and verify they did send you that attachment. Also, if you're a windows user, look for files with extensions such as .exe, .zip, and .scr. Do not open those types without verifying who sent them and what they are.
5. If it's too good to be true, it probably is: We'd all love to win that new car or maybe even a new phone, but realistically Tesla or Apple aren't going to notify you randomly by email of all methods that you just happen to be the winner. If an email says you won or promises something for nothing, it's a scam.
6. Urgent or "pushy" emails: A very common tactic is for scammers to use language that creates a sense of urgency or tries to push people into action. They will use threats like "you must immediately log into our website here to protect your account." Don't fall victim to this; if it appears to be an email from a company or organization you do business with, call them and verify.
7. Strange, unfamiliar, or obfusticated links: Often, you can hover your mouse over a link and see where it goes. Try this link out for an example Once you hover over it, you should see at the bottom of your browser where the URL goes to:
In this example, the link goes to our site but doesn't lead anywhere (the page doesn't exist), so it's safe. Do not click links that lead to shortened URLs such as http://shorturl.at/dfTVW; these can be used for legitimate purposes, but they obscure where the link leads.