Do you know how to spot a phishing scam?
Phishing emails, or emails which try to extract sensitive information are all too common these days. Just last week, thousands of students and staff at Coventry University were victims of an email phishing attack which locked them out of their university accounts. But with fraudsters being more and more savvy, would you know the difference between a legitimate email and a phishing scam?
If you receive an email which you think looks suspicious, don’t click on any links or open any attachments, report it to your IT Support Desk and delete it from your Inbox.
Here’s some things to be aware of when you receive an email which looks suspicious:
Most of the time, phishing emails won’t be addressed to you by name. Instead they’ll use terms like “Customer” or “User”.
To make you take action, phishing emails often impose deadlines, such as “Log in before 12pm or this will expire”, “Enter your details now or your account will be closed”.
Sense check it
If it’s saying you have a receipt for iTunes but you don’t have an iTunes account, this doesn’t make sense. It’s definitely a scam. The same goes for if you’re not expecting to hear from the organisation that sent it, think twice before opening.
Often there will be typos in the email or sentences that don’t make sense.
Hover your mouse over buttons and links to see what the URL looks like, often they’ll contain an unknown website with a company name tagged on the end to make it look more legitimate.
Sender email address
Expand information about the sender and you’ll often find that their email address is different from the trusted organisation’s website address, this is a big red flag.
If you get an email from an organisation known to you, check with them by accessing your account through an internet browser, or contacting them directly. Never click on the links from the suspect email.
- Keep an eye on your junk folder in case legitimate emails end up in there by mistake.
- Check if the email is on the list of known spam and scam emails that certain internet security companies offer, such as McAfee and Symantec who offer this feature on their websites.
- Make sure you have spam filtering switched on for your email client.
- Set up junk filters to block emails from untrusted sources.
- When sending an email to multiple people use the blind copy box (BCC) to protect email addresses if the email ends up in the wrong hands.
- Delete email addresses of previous email strings before forwarding or replying.
For more information on protecting your computer from spam and scam email, see advice and tips from Get Safe Online and take Google’s Phishing Email Quiz to see how good you are at spotting real emails from the fake ones.