There are red flags to look for when trying to determine if an email is legitimate or fraudulent. This article provides examples of typical phishing emails and steps you can take to easily identify them.
Fake Emails to Watch Out For
Hint: They Usually Involve a Call to Action.
An email from your manager asking you to wire money or do something out of the ordinary.
An email that explains there is a problem and requires you to click on a link to “verify” information and fill out the blank fields.
An email that says someone has shared a Dropbox file with you and asks you to click on a link.
An email requesting that you change your password for Gmail, Facebook, or your bank account.
An email that warns your mailbox is nearing capacity.
An email from a friend asking for a favor.
An email offer from a foreign country.
An email notifying you that your PC is infected and to contact Microsoft support.
An email that notifies you that you are the winner of a large cash prize.
So, What Can You Do About It?
Slow down when reading email. Never download or view attachments from unknown senders. Always treat attachments from known senders as possibly suspicious unless the information has been directly solicited. Never run executable files. And even if the document advises otherwise, don’t enable macros within Office products. If in doubt, contact the helpdesk prior to opening the attachment to inquire further.
Be cautious about clicking on a link, especially one contained within an email that was unexpected and unsolicited. Also, be cautious about clicking on an advertisement posted on a website.
Be aware that many scams try to scare you into taking action quickly, and threaten you with negative consequences if you don’t. They know that if they can instill a sense of urgency, you will be less likely to properly vet the email request.
Hover over a return email address with your mouse pointer to verify the address before responding. Even if it looks official, do not use the link. Go to the site directly and log in.
Research the facts. Pick up the phone and call the person to verify the legitimacy of the email, or start a new email thread with the person to verify that the original email you received is legitimate.
Delete any email requesting financial information, passwords, or wire transfers.
Remember that email filtering doesn’t catch everything. The bad guys have gotten better at crafting emails that appear to be legitimate and can often circumvent email filtering. Those “spoofed” emails may land in your inbox, and it is then up to you to recognize that they are fraudulent.
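For helpdesk staff who receive reported messages, the return-address, link and attachment checks described above can be run on the raw message. The Python below is an added example, not part of the original article; the extension list, the patterns and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumed list for this example: executable and macro-enabled Office extensions.
RISKY_EXT = (".exe", ".scr", ".js", ".vbs", ".bat", ".docm", ".xlsm", ".pptm")
LINK = re.compile(r'<a\s[^>]*href="https?://([^/"]+)[^"]*"[^>]*>(.*?)</a>', re.I | re.S)
SHOWN_HOST = re.compile(r"(?:https?://)?((?:[\w-]+\.)+[a-z]{2,})", re.I)

def domain(addr):  # domain of an address header, "" if the header is absent
    return parseaddr(addr or "")[1].rpartition("@")[2].lower()

def red_flags(raw):
    msg = message_from_string(raw)
    flags = []
    sender, reply = domain(msg["From"]), domain(msg["Reply-To"])
    if reply and reply != sender:  # a reply would go to a different domain
        flags.append(f"reply-to domain {reply} differs from sender {sender}")
    for part in msg.walk():
        name = (part.get_filename() or "").lower()
        if name.endswith(RISKY_EXT):
            flags.append(f"risky attachment {name}")
        if part.get_content_maintype() != "text":
            continue
        body = part.get_payload(decode=True).decode("utf-8", "replace")
        for host, text in LINK.findall(body):  # href is what hovering reveals
            shown = SHOWN_HOST.search(text)
            if shown and shown.group(1).lower() != host.lower():
                flags.append(f"link shows {shown.group(1)} but opens {host}")
    return flags

# Constructed sample message, not a real email.
SAMPLE = """\
From: "IT Helpdesk" <helpdesk@example.com>
Reply-To: helpdesk@example-support.test
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/html; charset="utf-8"

<p>Your mailbox is nearing capacity. Verify your account immediately:
<a href="http://login.example-support.test/verify">https://mail.example.com</a></p>
--b1
Content-Disposition: attachment; filename="invoice.docm"

placeholder
--b1--
"""
print("\n".join(red_flags(SAMPLE)))
```

An empty result only means none of these three checks fired; as noted above, a well-crafted message can pass automated checks and still be fraudulent.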