Cybercriminals have long taken advantage of the fact that we all get too much email. In our quest to keep our inboxes relatively empty, it’s very easy to click on something that LOOKS legitimate. When your computer then slows down dramatically, you start to think that maybe that email wasn’t all that it seemed to be.
There are several warning signs that you can use to easily identify phishing and other scams, and route them directly to the trash bin.
First, don’t trust that the sender shown in the FROM field is actually the person who sent the message. Internet email was designed in the 1970s and security wasn’t even a consideration. It takes a scammer only a second to “spoof” the FROM field so that it shows whoever they want. If you aren’t expecting a message from someone, and one shows up unannounced, that’s a good sign the message is bogus.
Does the email contain a clickable link to a website? If so, hover the mouse pointer over the link but don’t click. In a few seconds, you’ll see the real destination. For example, if the link shown in the email says www.suntrust.com but hovering over it shows xxx.badsite.ru, you know it’s a scam. Delete it.
Always check the overall layout of the message. Are the spelling and capitalization correct? Does the grammar look passable? And what is the salutation? Does the sender start with Dear {your name} or do they use a generic greeting? Last, is the word “urgent” in the subject line? If any of these conditions look even slightly off, be paranoid and delete it.
Does the message ask for personal information of any kind, or does it say you need to enter a user ID and password at a website? Reputable email senders (banks, insurance companies, mail-order companies) already have this information and don’t ever need you to re-enter it. Be doubly suspicious if the message references some kind of imminent account closure, cleanup or other maintenance.
Attachments are a conduit for dropping bad software on your computer. If the message has a warning about a shipping delay or includes a “bill,” don’t open the attachment. If you don’t open the attachment, you’re not in danger.
Real emails usually have a signature with a phone number and return address, along with organizational or personal information. If the one you’re questioning has what looks like a picture copied from a legitimate website, it’s a forgery.
A warning sign that’s easy to spot is bizarre formatting. Many phishing emails are created automatically and the scammer doesn’t check what they look like before he or she sends them. So, if the message has multiple colors, fonts, lots of white space (or none at all), just throw it in the trash.
Many folks worry that they will be too paranoid and throw away a real message. It’s far more likely that you will open a bogus piece of electronic correspondence than the reverse. Take the attitude that if it is important, legitimate and you delete it, the sender will write back. The worst you have to do then is apologize for the delay in answering.