Is That Email a Phishing Scheme?
This article will help guide you into determining if an email is fake or not. Before we get into examples, always follow these simple rules
Core rules of “Is this email a phishing email?”
Rule #1
NEVER CLICK ON ANY LINK IN A SUSPICIOUS EMAIL
Rule #2
NEVER REPLY TO A SUSPICIOUS EMAIL
Rule #3
DO NOT FORWARD A SUSPICIOUS EMAIL TO ANYONE (EVEN US)
Rule #3a
Always send screenshots or follow guidance of your IT for submitting suspicious emails (like this article)
Examples of Phishing/ fake emails
1. They are asking for personal information – Remember, no bank or financial institution asks you to share your key personal information via email, or even phone. So, if you get an email where they ask for your PIN or your banking password, something’s not right.
Additionally, no legitimate system should email you saying that your password/ authenticator/ security is expiring TODAY or “in 2 days”. Proper systems will prompt you for a password change on your next login.
Always use the hover technique for determining links, or use a service like Google Lens to preview QR Code links before going to them!
2. The links seem to be fake – Phishing emails always contain links that you are asked to click on. You should verify if the links are genuine. Here are a few things to look for when doing that:
- Spelling – Check for the misspellings in the URL. For example, if your bank’s web address is royalbank.ca a phishing scheme email could misspell it as royalbanc.ca
- Disguised URLs – Sometimes, URLs can be disguised…meaning, while they look genuine, they ultimately redirect you to some fraudulent site. You can recognize the actual URL upon a mouseover, or by right clicking on the URL, and selecting the ‘copy hyperlink’ option and pasting the hyperlink on a notepad file. But, NEVER ever, paste the hyperlink directly into your web browser.
- URLs with ‘@’ signs – If you find a URL that has an ‘@’ sign, steer clear of it even if it seems genuine. Browsers ignore URL information that precedes @ sign. That means, the URL [email protected] will take you to mysite.net and not to any Bank page.
3. Other tell-tale signs – Apart from identifying fake URLs, there are other tell-tale signs that help you identify fraudulent emails. Some of these include:
- Emails where the main message is in the form of an image, which, upon opening, takes you to the malicious URL.
- Another sign is an attachment. Never open attachments from unknown sources as they may contain viruses that can harm your computer and network.
- The message seems to urge you to do something immediately. Scammers often induce a sense of urgency in their emails and threaten you with consequences if you don’t respond. For example, threat of bank account closure if you don’t verify your ATM PIN or e-banking password.
Repercussions of interacting with phishing/ fake emails
Sometimes, even opening a phishing email can impact your daily life. If you click on any link in an email, regardless of whether you enter any information, there’s a high likelihood that this interaction was recorded. Consequently, you may be marked as “susceptible” on the dark web. Unfortunately, this can make your email and your business a target, leading to a significant increase in scam emails, sometimes persisting for years.
If you have provided information (even just your email) via a link, or if you have responded to a fraudulent email, the effects will be similar to the above but far more severe. Dark web actors may initiate campaigns against you to breach your system and experiment with new methods of extracting information from you.
If you have fallen for the scam completely, numerous news articles describe what happens when hackers gain access to accounts. It’s crucial to change all your passwords (and any similar ones) immediately and be prepared for the aforementioned effects.
Remember, it’s always important to stay vigilant online!
If you are a managed client of ours, you can always use our support system to help identify fake emails and submit them for us to inspect.
NEVER CLICK ON ANY LINK IN A SUSPICIOUS EMAIL
Research has revealed that over half of all users end up opening fraudulent emails and often even fall for them. Phishing is done with the aim of gathering personal information about you, generally related to your finances. The most common reason for the large number of people falling for fraudulent emails is that the phishing attempts are often so well-disguised that they escape the eyes of a busy email reader. We hope these tips have helped you stay vigilant and keep you safe!
If you are a managed client of ours, you can always use our support system to help identify fake emails and submit them for us to inspect.
NEVER CLICK ON ANY LINK IN A SUSPICIOUS EMAIL
Did we miss something?
or do you want to suggest an article?
