Have you ever received an email stating you “won $1,000,000” or that you need to “update your credit card information”? It sounds like you were most likely targeted by email phishing. Phishing is a technique that hackers use to trick people into giving out their personal details or account information. Scammers use emails or text messages with fabricated messaging to gain passwords, account numbers, or even a social security number. Phishing tactics are getting more advanced and more frequent, so knowing how to spot scamming attempts and learning how to avoid these attacks can help keep your personal information safe.
Step 1: How to Recognize Phishing
Scammers are getting smarter in their technique when sending out phishing emails and text messages to the public. They use real, well-known company logos and try to send them through generally trusted sources, such as Amazon or Netflix by creating fake accounts to send out emails that look more legitimate.
With that in mind, you need to know how verified emails and fake emails differ from one another to spot the scam. A verified email from a legitimate company will not ask you to share your personal information over an email exchange. This should be a red flag when a company is asking for authorization of your account.
Another clue would be the greeting on an email. If the company is legitimate, they usually refer to you by your name. If the email calls you a general term such as “customer” or “account holder,” the information is most likely not genuine. Some will even greet you with your email address, which is not how an authentic company would address you.
Make sure that you verify domain names and URL links on an email as well. Companies will send from email addresses containing their specific domain, not from a Yahoo account or another general domain. If the hyperlinks on the document do not match the company’s website, they should not be clicked on. This could be a method to gain access to your computer or phone and install malware on your device.
Another thing to be mindful of is that there are even more advanced phishing emails out there targeting specific customers or groups of people. This is known as spear phishing. The messages sent through spear phishing emails will have a targeted advertisement or inquiry that relates to an existing account you have with a company, especially one that has just experienced a data breach. This makes it more likely for a consumer to mistake the fake email for a real, legitimate email.
Step 2: How to Protect Yourself
The first phase of email security should start with your spam folder. This filters out all of the obvious phishing emails from your inbox to protect your information. This feature should not be the only level of security you use to protect your devices. Installing security software on your computer and phone can help reduce your risk of a phishing attack.
Another helpful tip is to stay away from these fabricated emails all together. When you learn how to recognize the threat, you can avoid clicking on any phishing links or opening unsafe attachments. If you do not engage in the actions that a scammer is urging you to take, you protect yourself from the infiltration of your accounts and the installation of harmful malware targeting your personal information.
Step 3: How to Report Phishing
Many email platforms and sites do not want these phishing emails or text messages out there disguised with their name or logo, so they encourage you to take the time to report this messaging. The US-CERT (United States Computer Emergency Readiness Team) has partnered with the Anti-Phishing Working Group to help avoid people becoming victims of these scams. If you receive a phishing email, you can forward it to email@example.com or if you are using Outlook, you can send copy the email and send it to firstname.lastname@example.org.
If you receive a phishing text message, you can forward it to SPAM (7726) to report the attack. The Federal Trade Commission will also accept phishing reports at ftc.gov/complaint. If you ever receive any suspicious emails from D & P, note that we will never ask you for your password or credit card information via email. So if you do, please report it to our support team for further evaluation.
Do not take the bait sent out by these scammers in phishing emails and text messages. Always keep your computer security software up to date. Be aware of fake accounts and skewed messaging being sent to your email address. Avoid clicking on any links or attachments from untrustworthy sources. And finally, report any suspicious mail or texts delivered to you. Protect yourself and your personal information by being hyper-vigilant and knowing how to spot phishing attempts.