Don’t Get Phished: Spotting a Suspicious Email

We rely on email for everything from work communication to banking updates. But with that convenience comes risk. Phishing scams, where attackers try to trick you into giving up personal information, are more sophisticated than ever.

So how can you protect yourself? By learning to spot the red flags. Here’s what to look for before you click anything:

1. Check the Sender Address Carefully

Don’t just glance at the name; look at the entire email address. A message claiming to be from your bank, but sent from “john.doe123@randommail.com,” is a clear warning sign.

• Hover over the sender’s name (without clicking) to reveal the full email address.
• Look for misspellings or slight variations in the domain name (e.g., “amaz0n.com” instead of “amazon.com”).

2. Scrutinize the Subject Line and Greeting

Phishing emails often use alarming or urgent language to pressure you into acting quickly.

• Be wary of subject lines like “Urgent action required,” “Your account has been compromised,” or “You have won a prize!”
• Generic greetings like “Dear valued customer” instead of your name can also be a red flag.

3. Beware of Suspicious Links and Attachments

Never click on links or open attachments from senders you don’t recognize. They could download malware onto your device.

• Hover over links (without clicking) to see the actual URL. Does it match the text of the link and the supposed sender?
• Be cautious of attachments, especially .exe, .zip, or other executable files. Legitimate organizations rarely send these unsolicited.

4. Watch for Requests for Personal Information

Reputable organizations will never ask for sensitive information like passwords, credit card numbers, or Social Security numbers via email.

• Be suspicious of emails requesting you to “verify” or “update” your account information by clicking a link.
• Remember, it’s safer to access your accounts directly by typing the URL into your browser or using your bookmarks.

5. Consider the Context: Is This Expected?

Think before you click. Were you expecting an email about this topic from this sender?

For example, if you receive an email claiming to be from your state government about a “bailout” for unpaid liabilities, consider the recent news. The Federal Government recently warned states against expecting bailouts for such liabilities. This context makes an email about a state “bailout” highly suspicious.

Always verify information from unexpected emails with the supposed sender through official channels. Don’t rely solely on contact information provided in the email itself.

6. Trust Your Gut Instinct

If something feels off about an email, it probably is. Don’t be afraid to err on the side of caution and delete it.

By staying vigilant and following these tips, you can significantly reduce your risk of falling victim to phishing scams.