Ever get an email with an important subject line from a domain you recognize only to open it and find strange formatting? Maybe you just close and ignore (or even better, delete the message). But what if it says, “Your password has expired, click here to reset”? You click the link, type your information, and think everything is fixed. We’ve got bad news. You’ve been phished. Time to reset all of your passwords and contact your bank to check for suspicious activity.
We talk about phishing emails a lot, but it seems that a new scam pops up every day. Most of these schemes follow the same patterns, so we’re sharing the three most common ways to identify a phishing email. With these tips, you’re less likely to fall victim to a scam!
Grammar and Typos
Do you know how many people review and approve marketing or account management emails before your bank sends them? A lot. If the email is legit, the multiple misspellings in the reset-your-password email would have been corrected. Many scammers operate outside of the US, and English isn’t their first language. Multiple grammar mistakes and awkward sentences almost certainly mean the sender isn’t who they claim to be.
By using “urgent” or “immediate action required,” scammers use fear to push you to give up your social security number or bank account info. The next time you see one of these emails, take a breath and ask, “Is this really urgent?” Log in to your account or call the company’s help line to verify the email.
Before you click on the “reset password” link, hover your mouse over it. Check the link that appears. If it’s valid, you’ll see it point to a website of the same domain as the sender. NOTE: This isn’t always the case. The link may be legitimate but shortened. The thing you’re really looking for here is what comes after the domain. If you see “WEBSITE.RU” or “BANKOFAMERICA.COMNET,” you can bet it’s fake. As we said, the link won’t always match the sending domain, thanks to link-shortening techniques, but generally, if the link uses a different country’s domain, don’t click.
Take the Safe Route
You can avoid most of this hassle by hiring an IT provider like Network Alliance! We work with Mimecast mail filtering and targeted threat protection to make sure that almost none of these emails ever make it to your inbox. And if one sneaks in thanks to a hacked contact, URL Protect keeps your information safe by blocking the malicious websites hiding behind the hyperlinks. With complex algorithms that update 24/7, you can relax, knowing that your mailbox and sensitive information are safe.
703.715.4960 Tech Support
To kick off the new year, we’re happy to announce that Network Alliance has successfully completed a SOC 2 Type I...