We all do it—open our email accounts and quickly fly through and delete the spam before settling in to sift through messages that have some value to us. But before you start clicking links or downloading files, are you certain that none of those seemingly valued emails is actually from a cybercriminal posing as someone else in a bid to install malicious software on your computer and steal your data and personal information?
There are some red flags that can help determine if an email is legitimate. Pass these tips on to others, so they can defend their information against cybercriminals, too.
Spelling and bad grammar: Legitimate companies employ copy editors to review content before circulation, so there should be no spelling or grammatical errors. Cybercriminals, on the other hand, tend not to worry about such niceties. Beware when you see misspellings or other grammatical inaccuracies.
Links in emails: Look before you click. Whenever an email contains a link that you want to access, before you click to open it, hover your cursor over the link to see if the addresses match. If not, refrain from clicking the link.
Threats: One sign that may indicate a phishing scheme is receiving a threat, such as, “Your account will be closed if you don’t respond by clicking the link below.” Another red flag is alerts that your security has been compromised.
Spoofing companies and websites: These are e-wolves in sheep’s clothing. Often, cybercriminals will place logos and other imagery belonging to the companies they’re impersonating into the message body, then link those images to their malicious scam sites. If you do click on an image and are brought to the supposed site, look closely at the URL. Some scammers will use an address that closely resembles the URL of the company they’re looking to imitate; an example would be http://www.applle.com. You can also use the hovering maneuver with images.
So now that you know what to be aware of, the next hurdle is determining what to do if you have been subjected to a scam. First, report it. If you’re a Microsoft Office Outlook user, attach a copy of the email to a new email and send it to firstname.lastname@example.org. Most importantly if you have been a victim, change all PIN numbers and passwords on any accounts that may have been compromised. Contact your bank or online merchant if threats were issued saying your account has been compromised. Call your financial institution and have a fraud alert placed on your credit reports. If your accounts have in fact been accessed, cancel those accounts and open new ones. Continue to closely monitor your account statements for unexplained transactions.