What is a phishing email? Phishing emails are designed to look like they’re from a legitimate, trustworthy source. Their goal is to trick you into clicking on links or opening attachments that can lead to identity theft and other forms of fraud. Phishing was 2021’s top infection strategy, and the brands that were most imitated in phishing attacks are among the largest and most trusted companies: Microsoft, Apple, and Google. To avoid becoming the victim of a phishing attack from spam emails, follow these simple steps:
Delete Emails That Ask you to Reply With Personal Information
If you receive an email (especially one that looks like a spam email) that asks you to reply with personal information, delete the email immediately. If you think an email is legitimate and want to reply, take the time to research the purported source and validate the email’s authenticity by contacting the source through their direct website or by phone. Don’t assume that just because someone has your name it’s legitimate; they could have stolen that information from anywhere. Even if it appears as though a friend or family member has sent you a message asking for personal information or money, don’t trust it! Always check with them before replying by phone or through another channel (like a text message).
Hover Over Links to See Where They Go Before Clicking
You might think that phishing emails are only sent to you by email, but that’s not true! Phishing can come from text messages, apps, social media posts, and ads. If you click on a link sent to you through those mediums, it could take you to a fake website and steal your personal information. As a precaution, it is advisable to hover over links before clicking them to see where they go — be careful because phishers are getting craftier by including words like “copy” or “get this link” as part of their URLs. This tip is especially useful if the email you’re looking at was caught by the Gmail spam filter.
Check the Email Address of the Sender to Avoid Phishing Email Attacks
You should also check the email address. If the sender’s address is different from what you would expect or contains typos, then it could be a phishing email. When in doubt, start a new message to the person and ask them if they emailed you.
Don’t Trust Emails That Create a Sense of Urgency or Fear
A good rule of thumb is to be wary of emails that create a sense of urgency or fear, as they are usually scams. For example, the IRS will never email you about your tax account. They will only contact you by mail or phone. And, if you receive an email that sounds too good to be true, it probably is. A common phishing scam is when scammers pose as an online retailer and send out emails with discount codes or coupons. They want you to click on the link and sign in so they can steal your credentials.
Don’t Use Public Wi-Fi When Accessing Important Accounts
We all know that public Wi-Fi isn’t secure and that using it without the proper protection is asking for trouble. But if you’re traveling and need to access an important email account, don’t rely on public Wi-Fi. A good VPN will encrypt your data and keep it safe from prying eyes—and not just the ones lurking in the shadows at Starbucks. The same goes for social media accounts: when logging into Facebook or Twitter from a hotspot, be sure to use a VPN so nobody can steal your credentials through a man-in-the-middle attack.
Use Proper Password Habits to Counteract Phishing Emails
If you’re using a password manager, you’re already on your way to having strong passwords. More specifically, we’re referring to tools like 1Password and LastPass that provide secure keys for accessing individual sites, as well as auto-filling text fields (like usernames and passwords) when logging in. These managers generate unique and complex passwords for each page or service you visit, which will keep hackers from guessing your login credentials if they’re ever leaked publicly. If you don’t use one of these apps yet, we hope this article has convinced you that it’s time to start!
Next up: change those passwords regularly! This ensures that anyone who has access to your information only does so for short periods of time—and forces them into the position where they have less time to breach your accounts. Don’t be afraid to experiment with different forms of encryption or backup methods; just make sure whatever method(s) you go with will keep up with today’s tech landscape alongside future developments too!
Watch for Suspicious Text Messages
While phishing emails are the most common method for hackers to steal your personal information, it’s important to recognize that text messages can also be used for this purpose. SMS phishing, also known as Smishing, is a targeted attack carried out by text message that usually contains malicious links aimed at stealing your information. Phone numbers can be spoofed, so if you receive a text from someone claiming to be your bank or even the IRS asking for your login information or account number, beware. It’s likely a scam.
Only Open Attachments From People and Companies you Trust
If you receive an email from a person or company that you do not know, don’t open any attachments. An attachment can contain malicious software (malware) that can damage your computer and steal personal data. If you do receive an email that includes an attachment, do not click on links or buttons in the body of the email—even if it seems like you are being asked to do so by someone you know and trust.
Enable Two-Factor Authentication Whenever Possible
Two-factor authentication, also known as 2FA, is an extra layer of security that can help protect your email accounts from being hacked. With 2FA enabled, even if a hacker manages to obtain your password, they won’t be able to access your account without the additional security code that is generated by a separate device.
One of the biggest advantages of 2FA is that it makes it much more difficult for hackers to gain access to your email account. Even if a hacker obtains your password through a phishing scam or some other means, they won’t be able to log in without the security code that is generated by your 2FA device. This added layer of protection can help prevent your account from being hacked and your sensitive information from being stolen.
Another benefit of 2FA is that it can help you detect when someone else is trying to access your account. Most 2FA systems will send a notification to your phone or another device whenever someone tries to log in with your email and password. This can alert you to any suspicious activity and give you the opportunity to take action before your account is compromised.
If you Suspect you Have Been the Victim of Phishing, Report It Immediately
If you think you've been the victim of a phishing attack, there are several steps you should take to protect yourself and your sensitive information:
Change your password immediately
This will prevent the attacker from continuing to access your account, even if they already have your password. Be sure to choose a strong, unique password that you don’t use for any other accounts.
Enable two-factor authentication on your account, if possible
This will add an extra layer of security and make it much more difficult for the attacker to gain access to your account, even if they manage to obtain your password.
Check for any suspicious activity on your account
Look for any unfamiliar logins or changes to your account settings, and revert any changes that you didn’t make yourself.
Alert your email provider
Many email providers have systems in place to help protect their users from phishing attacks. By letting them know that you’ve been the victim of a phishing attack, you can help them improve their defenses and protect other users from similar attacks.
Even after you’ve taken steps to protect your account, it’s important to remain vigilant and avoid falling for phishing scams in the future. Be wary of any emails that ask you to click on a link or download an attachment, and never provide personal or financial information in response to an email, no matter how legitimate it seems.
Bottom Line: Phishing Emails
It is important to be cautious and aware of potential phishing attempts in order to protect yourself and your personal information.
Here are some tips for avoiding phishing scams:
Be wary of unsolicited emails, texts, or calls that ask for personal information. Legitimate organizations will not typically ask for sensitive information through these channels.
Be cautious when clicking on links in emails or messages. Instead of clicking on the link, try hovering over it with your mouse to see the true destination of the link. If the link seems suspicious or does not match the organization it claims to be from, do not click on it.
Be on the lookout for poor spelling and grammar in emails and messages. Scammers often have poor language skills and may include grammatical errors in their communications.
Use strong, unique passwords for each of your online accounts, and avoid using the same password for multiple accounts. This will make it more difficult for hackers to gain access to your personal information.
By following these tips and being cautious of potential phishing email attempts, you can help protect yourself and your personal information from online scams.
You may also like
How the New Gmail 2FA Regulations Might Affect You
Learn about the new Gmail 2FA (multi-factor authentication) regulations and how they might affect the way you use email and other services.Read More
Email Security Best Practices for Small Businesses
Email security is extremely important for any small business. Here we look at how to build a set of best practices so your company stays safe.Read More