Many people are often targeted by cybercriminals via emails designed to look like they are from legitimate sources (government agencies, non-profits, etc.). These emails will often ask the recipient to click a button to confirm account information, billing details, or any other personal information. This practice is called ‘email phishing’, and it is commonly used, and often successful, in attempts to steal important personal information.
Once your information is obtained, cybercriminals can create new user credentials or install malware into your system. Either way, your personal information is at risk, and you will be locked out of your account.
However, there are some things to look out for if you find yourself questioning a suspicious email you have received:
– Requests for personal information
– Generic greetings or lack of greetings
– Illegitimate ‘from’ email addresses
– Multiple and misleading hyperlinks
Legitimate organizations will not ask for your personal information via email. If you have received an email asking you to click on an attachment or button to provide sensitive information, it’s most likely a scam.
Most organizations will call you by your name, especially if you have an account already established. Be careful of emails greetings like “Dear valued member,” “Dear customer,” or “Dear accountholder.” If a company is sending a legitimate request for account information verification purposes, they will most likely call you by your name and direct you to contact them via phone.
Email users should be very careful when clicking on attachments. Real companies will not send unsolicited attachments to your inbox. Some high-risk attachment files include .exe, .zip, and .scr. Typically, authentic organizations will direct users to access or download files from their own website.
Another sign the email you have received is a scam is by looking at the actual email address of the sender. You should always make sure no alterations have been made to what comes after the @ symbol. For example, scammers will often send emails from address like “email@example.com” or “firstname.lastname@example.org.” Notice how a number and an extra letter was added in these examples. These are not the actual URLs to the respective company websites.
The best way to determine if the email you have received is a scam is to call the organization in which it allegedly came from. By speaking with a real customer service agent, you can determine whether or not the communication is legitimate.