Phishing & Spam |
Who is it From? | Check the email address to see who it’s coming from. Read the email address carefully and make sure it comes from the business or organization it claims to be. Sometimes scammers will make the email address look really close to a legitimate email address, but the spelling will be off by a letter. |
The Subject Line | The subject of the email will sometimes be vaguely threatening. They might tell you there’s a problem with your account that needs to be fixed right away or that you are in violation of some law and this needs your immediate attention. The idea is to make you panic just enough that you open the email and follow the instructions within. If they aren’t threatening you, they might offer to give you something. They may pretend to be your bank sending you an email about free money if you log in. The goal is to make you excited enough that you don’t look more closely at the details of the email before clicking. |
Greeting | Most of the time, the greeting in the opening of the email will not address you by name. It may say something like “Dear member” or “Valued customer.” This occurs frequently with mass phishing email campaigns because they don’t actually know who they’re sending the email to; they’re trying to get it into as many inboxes as possible. This is not a concrete rule. Spear phishing campaigns involve a lot of research by the scammers, and they may include names in their emails to be more convincing. Do not take the inclusion of a personal name in the greeting as proof that an email is legitimate. |
The Body | There are several things to look out for in the body of the email. First, is everything spelled correctly? Does it sound right? Does it use language and terminology that stands out? Phishing emails oftentimes have spelling and grammar errors throughout the text. In recent years, phishing emails have gotten a lot better at having correct spelling and grammar, so don’t solely rely this rule to determine whether an email is real or not. If you do find errors, it may be a sign that the email is fake. The body of the email will probably lay out what “issues” your account is having or what “prize” the scammers want to give you with instructions on what to do next and a link to a site. Keep in mind that the email may look convincing. It might have all the right font and font colors, logos, graphics, and effects, but that doesn’t mean that it’s legitimate. |
The Link | Phishing emails rely on tricking you into clicking a link to take you to a site where you can give up your credentials. Sometimes the full link is pasted into the email where you can easily read it and see if it’s fake, but other times it may show up as clickable text. If you hover your mouse over it (place your cursor over the link text without clicking) a box should pop up with the address that you can then examine. Be very careful when reading the link; just like with the email address, hackers like to make link addresses look really similar to legitimate sites’ addresses. Never click on these links as they can take you to websites that can infect your device with malware. |