How to Spot and Avoid Email Phishing
Fraudsters often take advantage of our negative emotions, like fear and confusion, in hopes of misleading us, stealing our information or our money. Since the pandemic, cybercriminals have used the increased stress and anxiety in hopes of duping unsuspecting victims.
As a result, phishing, smishing and vishing attacks are on the rise. Phishing is an attempt to steal your information through email communication by pretending to be someone else. Smishing and vishing are similar attempts to steal your information, but smishing occurs via text message, and vishing occurs via phone calls.
For this guide, we’ll discuss email phishing with practical tips and advice from a fraud expert.
How to Spot and Avoid Email Phishing
We consulted a fraud expert for more information about email phishing and how to avoid email scams. We consulted Amanda Knor, Senior Lead of Fraud Operations at Enova International to understand the must-know tips for fraud prevention.
- Phishing emails may look real, but typically include slight variations in the company email address, URL or other listed information. You may also find spelling and grammatical errors in fraudulent emails that aren’t typical in professional communication.
- If you receive an email that looks questionable, don’t click on any links, download any attachments or use any of the contact information provided in the email. Don’t respond to the email for more information.
- If you want to verify the email, open a new browser window to perform an independent search to find the company, phone number or other contact information.
- You can view the real URL address of a link by hovering your cursor over the linked portion in your email. Again, fraudulent information can look real, but will vary slightly from the real company’s URL, email or other information. For example, if the email is coming from a company called “cheese.com”, the URL should also go to “cheese.com” not “chee-ese1.com”.
Email Phishing Q&A With a Fraud Expert
Want to learn more? Check out our conversation with Amanda for more information on avoiding phishing emails and scams.
Q: Beyond staying vigilant and your tips above, do you know of any specific options or tools that people can use to protect against phishing and other fraud? (e.g. high-quality email security filters, add-ons, or other quick fixes?)
A: This is tricky to answer because it really varies depending on what device you are using, whether you are using iOS or PC, and even what account you are accessing. A good way to approach any new app, email account, etc. is to spend a good amount of time going through the privacy settings to see what type of protection you can apply, or is available to you.
Q: We’ve probably all heard of the Nigerian Prince email scams from early on. Now with more advanced methods, it’s a lot harder to spot phishing email and other fraud. What are some obvious (or less obvious) signs to spot email/text/phone fraud?
A: Almost all phishing attempts have this false sense of urgency as well as some way of trying to direct you and your information back to them. Most efforts include a link to go to a fake website, install a fake app, or use a fake phone number that can record the information or money they’re trying to steal from you. Also, it’s not uncommon for the emails to have grammatical errors and/or typos which most professional communication will not have. Lastly, it’s important to look at where the information is coming from, or who is sending it.
Q: What do you recommend for less computer savvy email users in order to stay safe online?
A: A good general rule of thumb would be to make sure you have time to read the subject line, and verify the sender of each email before opening it, or downloading anything! If you aren’t familiar with the sender, or aren’t sure why you are receiving the email, don’t open it. Also, for anyone who is not computer savvy, I’d highly recommend looking into taking a local computer class. Some community centers or local libraries even host free classes!
Q: If I get a strange email without links or a phone number to call, does this mean that it can’t be fraudulent?
A: Definitely not! Some phishing emails can include an attachment, or file, asking you to download it. Again, if you have any doubts about where the email came from, who sent it, or even why they sent it, don’t open, download, or click on anything.