You've probably seen one before: An urgent email from a service provider, insisting you take action right now. The email helpfully includes a button or link to help you get the issue resolved. But how do you know the email is legitimate?
These kinds of emails - called phishing - target unwitting email recipients with the goal of hacking into your computer, device or online accounts. Once your accounts have been breached, the perpetrators may gain access to your account numbers and have the ability to conduct fraudulent activity or even steal your identity.
Common phishing practices include emails pretending to be from the government, financial institutions or even a a common service provider or retailer such as Amazon or Netflix. Many of these emails are written in a manner that heightens concern in the receiver: your account details need to be updated, or there's a problem with your billing. The phishers are hoping you’ll react quickly by clicking a link in an attempt to resolve the issue. Don’t.
To protect yourself from phishing email scams, follow these tips. Using these simple strategies, you can confidently hit “delete."
- Check the sender’s email address. Does the From field match the email? Is it spelled correctly or does it feature a slight misspelling?
- Check for deceptive URLs. It’s easy to mask a URL with a false name. But, it’s also easy to uncover the mask without clicking on the link. Simply hover your mouse over the link. A dialog box should appear next to the link or at the bottom of the page to reveal the true URL code. Likely these will not be the same and the delete key is your best defense.
- Skip the link and go to the site directly. If the email is from a known source, do not respond to the email. To determine if the issue is authentic, go directly to the site and log in as a site user.
These simple measures can help protect your privacy and account security. Find more helpful tips on our Security page.