Phishing is one of the everyday threats users face when surfing the net. Scammers take advantage of how popular email com­mu­nic­a­tion is and exploit this means of com­mu­nic­a­tion by in­und­at­ing inboxes with fake messages. These include dubious links (to fake websites) and reply addresses, which are used to obtain the data of un­sus­pect­ing users. We reveal how to identify phishing emails so you can protect yourself from data theft.

Business Email
Discover a new way to email
  • Write perfect emails with optional AI features
  • Includes domain, spam filter and email for­ward­ing
  • Best of all, it's ad-free

How do scammers use phishing emails to their advantage?

The basic aim of phishing is simple. Cy­ber­crim­in­als send out emails where they pose as banks, payment services, online mar­ket­places, or e-commerce service providers. These emails invite un­sus­pect­ing users to complete forms or to follow links to seemingly official website in the hope that they will end up revealing sensitive data when they are asked to log in. Phishing attacks aim to obtain usernames, passwords, PINs, and TANs so that scammers can make trans­ac­tions or order goods on the user’s behalf. Many victims of phishing email attacks first notice that their bank accounts or payment service accounts have been hacked when they look at their bank statement and see that unusual goods have been purchased or money has been trans­ferred.

Note

If you don’t already have one installed, you should get a good anti-virus program and effective password support to secure your data against fraud­u­lent activ­it­ies.

The best tips on how to identify phishing emails

Being careful about what you open is sometimes all that’s needed to protect yourself from fraud­u­lent emails. You can usually identify phishing emails as they’re from unknown senders and are addressed im­per­son­ally. They also contain spelling errors, sus­pi­cious links or online forms. Here are the top tips on how to identify phishing emails and ef­fect­ively protect yourself from attacks:

Tip 1: Check the name and the address of the sender

When you receive an official email that is allegedly from your bank or an online service provider, you should first have a look at the sender. Ask yourself who sent you the email? Do you have any business con­nec­tion with the sender? Did you actually give them your email address? Have a look at the full email address and compare it to other emails you might have received from them. If there are any in­con­sist­en­cies, exercise caution.

Tip 2: Check the greeting

The way in which you’re addressed in the email is one way to know how to identify phishing emails and can reveal whether one is le­git­im­ate or not. Service providers that write to their customers usually address them by name. Scammers don’t always know the email recipient’s name so if a message begins with ‘Dear Sir or Madam’ or any other standard greeting, you should wonder why your bank or supposed online business partner doesn’t know your name.

Tip 3: Check spelling and grammar

If a message contains a lot of gram­mat­ic­al mistakes and spelling errors, that’s a clear sign that a bank employee didn’t write it. These types of errors as well as un­in­tel­li­gible para­graphs are a major in­dic­a­tion of fraud­u­lent emails that were written in another language and then auto­mat­ic­ally trans­lated.

Tip 4: Check for po­ten­tially fraud­u­lent links

It’s not ne­ces­sar­ily a bad sign if an email includes a link. But before you click on it, you should make sure that it leads to a reputable site. Hover over the link with your mouse and see what web address appears in the bottom left of your browser window. Is this address con­sist­ent with the service provider’s URL? Are there any security features such as HTTPS, which signifies secure data trans­mis­sion? If you’re in doubt, play it safe and don’t access the website.

Tip 5: Do not enter data via email

No serious service provider will ask its customers to enter their details via email. A cor­res­pond­ing HTML form, in which you are told to enter login details and passwords, is a clear in­dic­a­tion of a phishing email. PINs and TANs are also never asked for over the phone or via email. Only enter data like this on the official service provider’s site, whose au­then­ti­city can be checked with security cer­ti­fic­ates.

Tip 6: Beware of at­tach­ments

There’s def­in­itely reason to be concerned when un­ex­pec­ted messages have at­tach­ments. Heed the basic rule that if you don’t know the sender, don’t download the at­tach­ment. It might contain malicious programs such as viruses or Trojans, which can in­filt­rate your computer and read sensitive data. If this happens, doing online shopping and making banking trans­ac­tions will no longer be secure on your computer.

Tip 7: Don’t feel pressured

If an email requires you to take urgent action, you should be wary. Scammers often pull out the big guns to put internet users under pressure and cause them to make hasty decisions. No reputable service provider threatens to block your credit card or send the debt col­lect­ors round via email. Nor do they demand you to enter your password or to download an attached file. If in doubt, contact the service provider’s customer hotline.

How to combat phishing emails

If you’ve dis­covered a phishing email, you should move it to your spam folder and block the sender before you delete it. This is how you can make sure you don’t receive any more emails from this address. If you want to curb the rise of spam messages in the long term, you can contact the service provider who allegedly sent the phishing email. Many providers can easily be contacted via pro­fes­sion­al email forms, which you can use to report phishing attempts.

MyDe­fend­er
Safeguard your data with easy cyber security
  • Regular virus scans
  • Automatic backups and simple file recovery
Go to Main Menu