The best ways to protect yourself from phishing emails

Phishing is the most common form of cyber crime; estimating around 3.4 billion phishing emails being sent to people across the world daily (AAG, 2023). Anyone and everyone is a target and the consequences of becoming a victim to a phishing attack can be detrimental to your safety and privacy. Continue reading to educate yourself on what phishing emails are and how to prevent yourself from a phishing email attack.

What are phishing emails?

Phishing emails are a type of online scam where cybercriminals attempt to steal a company or person’s personal information through deceptive messages and malicious links in an email. The goal of a phishing email is to obtain financial information like credit card numbers, account numbers, or banking passwords; personal information such as a home address, username & passwords, or IP address; or confidential business information like business strategy and plans, login information, or confidential sales numbers. Cybercriminals have become more and more crafty and deceitful in creating their phishing scams to steal this important information. There are helpful tips to keep your email safe and protect your personal information from a phishing attack. Follow along below to learn how to identify, avoid, and protect yourself from phishing email scams.

How to identify phishing emails

There are many tactics cybercriminals have in an attempt to deceive you with their phishing scams but fortunately, there are also many ways cybercriminals expose their phishing attempts and make it easier for you to spot phishing emails. Here are the most best identifiers for phishing emails:

Unofficial email address – Phishing emails often have illegitimate email addresses. Click on the address and check if the email domain looks suspicious. For example, if you have received an email from a company appearing to be Apple, double check that the email domain ends in @apple.com instead of something unusual like @apple560.com. Another identifier is if the domain is misspelled with a character or two off: @apple.com versus @app1e.com.

Poor grammar – An obvious giveaway of a phishing email is bad spelling, syntax and grammar. Phishing emails often have poor grammar because cybercriminals do it intentionally to sneak by email filters or it happens mistakenly from foreign cybercriminals having poor translation. If an email appears to be coming from a legitimate company or organization but the grammar is bad, keep in mind that proper companies and organizations almost always will have correct spelling and sentence structure in their emails. Actual businesses have employees who edit and double check the contents of emails because they want to be professional, taken seriously, and be trusted by their customers. So, emails from legitimate companies and organizations should have minimal, if any, grammatical errors.

Suspicious attachments – Cybercriminals use attachments in phishing emails in hopes to have the person on the receiving end open the attachment and accidentally interact with the email. Legitimate institutions usually won’t send attachments in emails, they rather customers obtain documents through their official website. For a general rule of thumb: when in doubt, do not open or download suspicious attachments in an email before investigating the sender of the email. If you are concerned or intrigued about an email you receive from a company but are unsure if the email is legitimate, your safest bet is to contact the company via the official phone or email address posted on the company’s website.

Unsolicited links – Like suspicious attachments, phishing emails also can contain many hidden or obscure links. Unsolicited links may appear as a URL that is sending you to a relevant and safe webpage but in reality will take you to a dangerous site that scans your accounts and device for your personal information. Before opening any link, regardless if the email appears suspicious or not, always make sure to hover your mouse over the link and check the URL. Take note that the text of a URL should be identical to the text of a link, so if even one character does not match, do not open the link, it is likely a phishing scam.

Generic greetings or no greeting – Phishing emails often start their message without a greeting or with a generic greeting addressing a generalized person instead of you specifically. A generic greeting could look like “dear customer”, “dear madam/sir”, or “dear account holder”. Typically a legitimate institution will address you at the start of an email saying “dear [your name]” because you have already provided them with the appropriate information to do so. An actual company or organization wants to build a relationship with you and greeting you with your actual name is a common business tactic to build that trust. Cybercriminals do not care to do that nor do they have the appropriate information to greet you accordingly.

Common forms of phishing emails

Phishing scams come in many different forms to deceive you into interacting with the email. Cybercriminals impersonate many types of people and institutions because it increases their chances at deceiving people into giving up their personal information. Here are the most common types of phishing emails to look out for:

Impersonating a company – Scam emails impersonate large companies using various techniques: offering a free coupon, saying you need to update your account information, or an order was incomplete because of invalid credit card information. These scams often impersonate huge and very well-known companies such as DHL, Amazon, and Google. If you know of or have a relationship with a company that is emailing you, remember that most companies will not request personal information over an email. Investigate the sender and contents of the email then reach out to the actual company with their contact information from their official website to confirm whether the contents of the email are legitimate or not.

Phishing Example Impersonating a company

Impersonating a financial institution – Phishing emails impersonate financial institutions such as commercial banks, insurance companies, and investment companies. These emails will claim that there is some sort of financial issue or financial opportunity. For example, that a large sum of money has been withdrawn from your accounts, your credit card information needs to be updated, or your health insurance is about to expire. Any legitimate financial institution will never contact you via email asking you for this information. Do not interact or respond to any emails discussing financial problems or opportunities. Reach out to your financial institution using their actual contact information and confirm whether the email you received is legitimate or not.

Impersonating someone you know – Another common type of scam email is impersonating someone you know. If you receive an email from someone claiming to be a friend who is in danger and is asking for money, stop, investigate, and trust your gut. Do not let this alarming email worry you that someone you know and care about is truly in need of help. Reach out to your friend through the contact information you have for them, and confirm if they are in danger.

Impersonating the government – Phishing scams can impersonate a government service. This form of phishing uses scare tactics to get private information out of you. For example, a phishing email may be impersonating the Social Security Administration asking for money or else you will lose your benefits, or impersonating the local police department claiming that you have committed a crime and must pay a fee to avoid a warrant for your arrest. Cybercriminals are crafty in creating ways to convince you into providing personal information and often they try to tap into humans’ sense of fear to do so. Government impersonations are a common technique they use to scare you into getting what they want.
Government Impersonation for Phishing Scam

How to stop phishing emails with WOT

Phishing emails are threatening to your identity, personal information, and finances. Keep yourself safe from phishing emails with WOT’s protection and security features. 

WOT Premium keeps you safe from email scams through its anti-phishing feature that you can access on the WOT extension and Android app. This Premium feature detects phishing attacks and alerts you of them before being exposed. Once WOT has detected a phishing email, you can follow the appropriate steps to stop receiving scam emails from this address.

WOT Premium also has an Email Protection feature that acts as a third-party spam filter, catching anything that slips by the filter of your email service. When WOT’s Email Protection detects a spam email in your inbox, you will receive a warning alert about the email so you can take the precautionary measures required to keep your personal information secured and protected.

Phishing emails threaten your personal identity, information, and devices. They attempt to trick you into exposing private information which can result in extreme financial loss or put yourself in danger. Download WOT today to keep yourself safe and protected from phishing scams.

FAQ

What are phishing emails?

Phishing emails are dangerous messages you receive in your inbox that trick you into giving up your personal information for scammers to steal your money or identity.

How do I identify phishing emails?

The main identifiers for phishing emails are an illegitimate email address, poor spelling and grammar, unsolicited links and attachments, and generic or no greetings at the start of the email.

What are the common types of phishing emails?

The most common forms of phishing emails are impersonations of legitimate institutions or people. For example, a phishing scam may impersonate someone who knows the government, a financial institution, or a large company.

How do I stop phishing emails?

The best way to stop phishing emails is to have an email protect and phishing detector on your devices. Download WOT to secure your email and eliminate phishing threats.

Share on facebook
Share on twitter
Share on linkedin

Leave a Reply

Your email address will not be published. Required fields are marked *