How to Spot & Avoid Phishing Emails

Phishing scams are not a new threat to data security, but they are becoming increasingly risky as hackers constantly make their scams more sophisticated. Now is the time to learn how to spot them, report them, and keep your important information safe.

What is a Phishing Scam?

Phishing scams are one of the most frequent forms of cyber crime, which makes them important to understand, spot, and avoid. To protect yourself from falling for a phishing email, you must first understand what one is so that you can avoid and report them whenever they come up.

Phishing is a form of hacking where bait, usually in the form of a fake link or file, is disguised to look real and sent to a person’s email. The pages behind these false links typically look very similar to the actual main page of the website, so people click through without realizing it and then log into their account in a seemingly normal manner.

However, the information entered on that false website will now be obtained by the hacker who set up the phishing scam. Since phishing scams occur almost exclusively via email, it can be challenging for platforms and users to filter out the emails that are not legitimate.

Spotting A Phishing Scam in your Inbox 

Google now estimates that it blocks 99.9% of spam and phishing emails daily; however, that would still mean that almost 20,000 phishing emails are sent out each day. The techniques of phishing have changed and improved over the years, but there are a few signs that the message in your inbox may actually be a phishing scam.

Here are some of the most common signs that the email you received may not be what it claims to be:

Fraudulent email or web addresses 

  • Examples of this would be adding numbers or letters to a company's usual address, such as janedoe@walmart123.com instead of the trustworthy domain email janedoe@walmart.com.
  • This is not a foolproof method, however, as some smaller companies do use third-party email providers, but it is something to keep an eye on!

Grammar and Spelling Errors

  • One of the most common indicators of a scam email is poor grammar or spelling. A message from a reliable company will be well-written. The grammar mistakes actually serve to narrow the pool of targets to those who are less observant or less aware of the risk.

Not Addressed to Individual

  • When sending account-related emails to customers, most companies' systems are set up to address those emails specifically to the people on that account. Although a hacker could use your name, if you see a questionable email that begins with “Dear Customer”, I would check for other red flags.

Scare Tactics 

  • Most phishing emails are set up as scare tactics, using an urgent call to action to get you to click on the invite button and then share your information. If you have concerns that your account could have been hacked, use a new browser to search for the main website and verify your account’s security.

These are the most frequent indicators of a fraudulent email. However, there are certainly times when these clear signs will not be noticeable. That is why you should keep a critical eye on all the details of an email before ever giving the information it requests. Beyond scanning for these red flags, there are other steps that you can take to avoid falling for a phishing attack.
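The signs listed above can also be checked automatically, for example in a mail filter or a reporting tool. The following Python sketch is an added example, not part of the original article; the trusted domain set, the phrase patterns, and both sample messages are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumptions: the trusted domain set and these short, non-exhaustive patterns.
TRUSTED_DOMAINS = {"walmart.com"}
GENERIC_GREETING = re.compile(r"^\s*dear\s+(customer|user|member|client)\b", re.I | re.M)
URGENCY = re.compile(r"\b(urgent|immediately|suspended|verify your account)\b", re.I)

def sender_domain(msg):
    """Lower-cased domain of the From address, or '' if there is none."""
    _, addr = parseaddr(msg.get("From", ""))
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def is_lookalike(domain):
    """True if the domain embeds a trusted brand name but is neither that domain nor its subdomain."""
    if any(domain == t or domain.endswith("." + t) for t in TRUSTED_DOMAINS):
        return False
    return any(t.split(".")[0] in domain for t in TRUSTED_DOMAINS)

def red_flags(raw):
    """Return the warning signs found in one raw email message."""
    msg = message_from_string(raw)
    # Assumption: plain-text parts with no transfer encoding to decode.
    body = "\n".join(p.get_payload() for p in msg.walk() if p.get_content_type() == "text/plain")
    flags = []
    if is_lookalike(sender_domain(msg)):
        flags.append("lookalike sender domain")
    if GENERIC_GREETING.search(body):
        flags.append("generic greeting")
    if URGENCY.search(body):
        flags.append("urgency or scare wording")
    return flags

# Constructed sample messages (not real mail).
SUSPICIOUS = """From: Jane Doe <janedoe@walmart123.com>
Subject: Account notice

Dear Customer,
Your account has been suspended. Verify your account immediately.
"""
LEGITIMATE = """From: Jane Doe <janedoe@walmart.com>
Subject: Your receipt

Hi Alex,
Thanks for your order. Your receipt is attached.
"""
if __name__ == "__main__":
    print(red_flags(SUSPICIOUS)); print(red_flags(LEGITIMATE))
```

The From header is chosen by the sender, so an empty result does not prove a message is genuine; the check only catches the careless lookalikes described in the list above.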

How to Avoid Phishing Attacks 

Above we discussed a few specific signs that a message may be fraudulent and therefore shouldn’t be trusted, but there are also steps to take in your day-to-day life to minimize your chance of falling for a phishing scam.

Keep Personal Information Off the Internet 

Although this may seem like outdated advice, it is a smart ground rule to never give out personal information on the internet. To be safe, never enter personal or financial information into pages that were directly linked from an email. If you must provide it, don’t go through an email but rather visit the company’s main website to complete this task.

Review Bank Account Regularly

Financial information is one of the most desirable types of information for hackers, so be sure to personally review your account and bank statements, and change your passwords to bank or credit card sites regularly.

Update & Use Browser Protections 

Make sure to keep up with browser updates, since those typically address any weaknesses that have led to increased phishing attempts. Most popular browsers also offer a pop-up blocker, or even enable one by default, since pop-ups are another common tactic for phishing attempts.

Use Common Sense 

This is important to keep in mind with all internet interactions - email, social media or otherwise. Read, think and analyze the warning signs before clicking on the message that you receive. Keep in mind that no one will be sending a large prize to your email out of nowhere and companies will be careful to only contact you on the correct email tied to your account. 

