9 Signs That an Email Might Be a Phishing Scam

Phishing attacks are still a weapon of choice for cybercriminals. The most common way they carry out phishing attacks is through email messages. In email phishing scams, digital con-artists use a convincing pretense to lure you into performing an action — usually opening an attachment or clicking a link. Doing so can lead to malware being installed on your computer or your personal information being stolen.

One of the best defenses against this type of cyberattack is being able to spot phishing emails.

An email might be a phishing scam if it contains one or more of these 9 signs:

1. A Generic Greeting

When cybercriminals send out phishing emails, they send them out to the masses. In a typical phishing attack, emails are sent to about 1 million people, according to Cisco Systems. As a result, the digital con-artists often start the emails with a generic greeting, such as “Dear member” or “Dear Acme Bank customer”.

Another way cybercriminals avoid personal greetings is by using the recipient’s email address as the greeting (“Dear JaneDoe@ABCServices.com”) or just including a simple “Hello”. Occasionally, they might not even include a greeting.

2. A Request to Update or Verify Information

The goal of some phishing attacks is to get personal information. Digital con-artists like to do this by posing as a legitimate financial institution (e.g., a bank) and asking you to update or verify your information. If an email asks you to update or verify your password, credit card number, or bank account number, it is most likely a scam.

3. A Sense of Urgency

A common tactic to get you to fall for a phishing scam is to create a sense of urgency. Cybercriminals first let you know about a problem that requires your attention. Then, they let you know that there will be unfortunate consequences if you do not take action quickly. For example, an email supposedly from a service provider might say that your credit card on file has expired and if you do not update it in the next 48 hours, you will experience a disruption in the service.

4. A Deceptive Email “From” Address

Phishing emails sometimes include a deceptive email address in the “From” field. At first glance, the email address might seem legitimate. For instance, a digital con-artist might send out an email message using the address “account-update@amazan.com” instead of the real “account-update@amazon.com” address. A deceptive email “From” address increases the chance of someone falling for the scam.

5. A Deceptive URL

Many phishing emails include deceptive URLs. A deceptive URL is one in which the actual URL does not match the displayed linked text or web address. For example, the displayed text might specify a legitimate bank name (“Chase”) or bank web address (“www.chase.com“), but when you hover your cursor over it (without clicking it), you might discover that the actual URL leads to a website in Russia. These deceptive links can lead to fake websites that try to get your personal information or install malware on your computer.

6. An Attachment

Legitimate organizations typically do not email files out of the blue. So, unless you specifically requested a document from an organization, be wary of any attachments supposedly emailed by one. Similarly, be wary of attachments emailed by individuals if you did not request any files.

Many different types of files can contain malicious code, including PDF files, Microsoft Word (DOC and DOCX) documents, and executable (EXE) files. Opening these attachments might lead to malware being installed on your computer.

7. Misspellings or Grammatical Errors

Many phishing emails come from cybercriminals in foreign countries, so they might contain misspellings and grammatical errors. Plus, cybercriminals might intentionally misspell words to get their emails past spam filters. For instance, they might use “Free V1agra” instead of “Free Viagra” to get their phishing emails past spam filters.

8. A Request for a Donation

Preying on people’s compassion, digital con-artists often send out phishing emails that pretend to be collecting donations for the victims of a disaster. One of the most well-known cases occurred after Hurricane Katrina. Cybercriminals sent out phishing emails asking recipients to donate to the Red Cross relief effort. Email links took the victims to various websites that looked like legitimate Red Cross donation pages. However, the cybercriminals created these spoofed websites for the sole purpose of stealing donators’ credit card numbers, PayPal passwords, and other personal information. The American Red Cross reported finding more than 15 of these bogus websites.

More recently, GoFundMe reported that it is monitoring more than 150 GoFundMe sites claiming to raise money for victims of the shooting tragedy in Orlando, Florida.

9. A Notice about Winning a Prize

Although they are not as common as they used to be, you might still encounter phishing emails that inform you about a lottery or contest you won. To claim it, the cybercriminals usually ask you to pay a processing fee as well as provide some personal information. If you receive an email that says you won a lottery or contest you did not enter, delete that email because it is a phishing scam.

Get the most from your IT

As service providers to more than 300 companies, the dedicated professionals at MicroAge are second to none when it comes to managed services. By improving efficiency, cutting costs and reducing downtime, we can help you achieve your business goals!

Most commented posts

Monitor and Communicate About Business Performance

Turn business data into visibile insights If you want to interact with your business data in a more impactful way, convert your Excel reports into…

Read More

What the End of Support for Windows Server 2008 Means for You

Cloud services that allow us to store data online are critical to the operations of thousands of businesses around the world. However, as technology marches…

Read More
business continuity plan de continuite des affaires

How COVID-19 Confirmed the Importance of a Business Continuity Plan

Business owners didn’t see the global health pandemic coming, just like most of the rest of the population. People were sceptical in the early days…

Read More

Top 5 Methods Hackers Use to Access Your Private Data

Cybercrime is on the rise across the world and it is incredibly costly to businesses. More than 66 million new viruses and malware packages have…

Read More
electronic signature

The Benefits of Electronic Signatures for SMBs

An electronic signature is a process of attaching an encoded signature to an electronic document. Electronic signatures are legally binding based on federal and provincial…

Read More