8 Best Practices to Avoid Falling for Phishing Emails

What is phishing?

Phishing is a type of online scam where criminals pose as a legitimate organization or person in order to trick you into giving them sensitive information, such as your login credentials or credit card number. They do this by sending you an email that looks like it’s from a legitimate source, such as your bank or a popular online retailer, and includes a link to a fake website that looks identical to the real one.

How can you avoid falling for phishing emails?

There are eight key things to look out for that can help you spot a phishing email:

  1. Check the sender’s address: Phishing emails will often use spoofed addresses that look similar to the address of the organization they’re pretending to be. For example, an email from Amazon may come from “amazon.com” or “a-mazon.com” instead of the real address, which is “amazon.com.”
  1. Look for typos and grammatical errors: Phishing emails are often full of typos and bad grammar, so this can be a dead giveaway that it’s not a legitimate email.
  1. Be wary of unexpected attachments or links: If you receive an attachment or link from someone you don’t know, or from an organization you do business with but didn’t expect to hear from, be very careful before opening it. It could contain malware that will infect your computer or take you to a fake website designed to steal your information.
  1. Don’t reply to the email: If you think you may have received a phishing email, do not reply to it or click on any links. Instead, contact the company or person directly to confirm that the email is legitimate.
  1. Report the email: If you’re sure the email is a phishing scam, report it to the company or organization that it’s impersonating and to the FTC at ftc.gov/complaint.
  2. Be cautious of pressure to act immediately: Phishing emails often try to create a sense of urgency by telling you that you need to take action right away. For example, they may say your account will be suspended unless you provide your login information or click on a link. Don’t fall for it!
  1. Be suspicious of generic greetings: Many phishing emails will start with a generic greeting like “Dear valued customer” instead of using your name.
  1. Know what to do if you’ve been scammed: If you think you’ve fallen for a phishing scam, act quickly to minimize the damage. Change any passwords that you may have given out, run a virus scan on your computer, and contact your bank or credit card company to let them know what happened.

Consider working with a cybersecurity provider

Even if you’re vigilant about spotting phishing emails, it’s impossible to be 100% safe from them. That’s why working with a cybersecurity provider can give you an extra layer of protection. Cybersecurity providers can help you filter out malicious emails and protect your sensitive information if you do accidentally provide it to a phisher.