As I was scrolling through the long list of emails I typically ignore, I realized that I have a lot of phishing emails. Some are from known companies saying my account has an issue or is being suspended, some are payment receipts for things I know I didn’t buy, and some are also package delivery notifications.
I can usually tell when these emails are fake, but I know many can not. They usually have tell-tale signs, but some of these scam emails are set up very cleverly. That’s why I am writing this to share how you can protect yourselves from these types of frauds.
Trust me, falling for their tricks can mean consequences ranging anywhere from financial losses to identity theft – not fun stuff. It is critical to be aware of the sneaky tactics these cybercrooks use and know the red flags to look out for. Let’s begin.
What Is A Phishing Email?
A phishing email is a deceptive and fraudulent email that is designed to trick recipients into revealing sensitive information, such as usernames, passwords, credit card numbers, or other personal details.
Phishing emails are often disguised as legitimate communications from trusted sources, such as banks, social media platforms, or government agencies. These emails typically contain elements intended to create a sense of urgency, fear, or curiosity, prompting the recipient to take immediate action.
Phishing attacks are also commonly done through phone calls (vishing or voice phishing) and text messages (smishing or SMS phishing).
6 Ways To Spot A Phishing Email
It’s important to not fall for this and remain calm and level-headed to detect the deception. These are some elements of a phishing email:
False Representation: Most emails will pretend to be from a trusted source such as a known bank or online shopping platform. They may go as far as copying their logos and other known identifiers.
Spoofed Email Address: To appear more legitimate, these scammers will create or spoof email addresses that look like they are coming from a real company.
Contrived Urgency: Scam emails will try to create a sense of an emergency in you. They may say there is a problem, such as a bank account issue, or a limited-time offer. It makes you wants to panic and not question the email closely enough.
Hyperlinks & Attachments: Emails will contain malicious links that lead to websites that look legitimate, but are actually intended to steal your personal information. The emails could also have attachments for you to download (such as invoices or receipts) that will download a virus on your computer and steal information in that way.
Impersonal Greetings: Many of these scammers just have people’s email addresses and not their names. Therefore, most emails will be addressed to something generic such as, “Dear Customer”.
Spelling & Grammatical Errors: These emails are typically not drafted professionally and will include a few spelling and grammar errors. If you see this, it’s another big sign that the email is false.
Now that we know what to look for to identify these scams, let’s move on to a few examples.
Phishing Email Examples
These are some real-life examples of phishing emails that I’ve received. I screenshot a few to share and show you how to identify them as the scams they surely are.
This email pretending to be from Wells Fargo is intended to make you click on the link. It will probably lead to a website made to look like the bank’s official site. You can tell right away that it is fake because the email shown is not mine. There is also a typo and weirdly spaced words further down.
In the email from the so-called “Chase”, if you click to view the email addresses it is addressed to and from, you will see that the sender is not from a Chase address.
The email also has typos and tries to create a sense of urgency (with bad grammar used) that my account will be terminated.
Here are two different emails I received from scammers that try to look like they are from Amazon. One has a greeting that would never be used by a company and addresses me with, “Hello [email protected].”
They also both have other elements that show they are scams such as typographical and grammatical errors. Along with that, they are trying to create a sense of urgency to log in and verify my information before the account is terminated. They are also both asking for billing information which will lead to financial loss.
These last two fraud emails that look like they’re from PayPal and Apple Pay are both intended to make you download a file that most likely has a virus attached. If you look closely, they both have real emails but they are in the “To” field.
They also both have bad grammar from the beginning in the subject field and address me with, “Dear (or Hello) Customer”.
As shown, these phishing emails do not have every single tell-tale element in them, but if you look closely, you will be able to detect some of them.
What To Do If You Receive A Phishing Email
If you realized you received a phishing email, here is a list of items you should not do:
Do not click any links or download attachments from the email!
Do not sign in to your accounts from a link in the email
Do not share personal or account information such as your social security number, passwords, card information, account PIN, or access codes
Do not call phone numbers included in the email
Do not allow remote access to your computer
Instead, report the email as spam in your inbox and/ or forward it to the Anti-Phishing Working Group at [email protected] and report it to the FTC at FTC.gov/Complaint.
What To Do If You Fall For a Phishing Scheme
If you have fallen victim to one of these schemes before you were able to detect it, it’s important to take quick action to minimize any damage. Here are some things that I recommend you do:
Change your passwords immediately if you’ve disclosed your credentials
Enable Two-Factor Authentication (2FA) if it is available
Contact your bank or the website where your information was targeted
Check for unauthorized activity in your accounts such as unauthorized purchases, changed login credentials, etc. Some types of accounts will show the last login attempts and where they were made.
Monitor your accounts closely for the coming weeks to make sure there are no further attempts.
If you have installed malware, run antivirus software on your computer and do a full system scan to detect and remove any malicious programs.
Monitor your credit score and credit report to identify any opened accounts quickly.
Just know that it happens to the best of us! I’ve had to get rid of many viruses and restore computers due to these crooks. It’s important to just learn from the experience and be able to prevent them again in the future.