A Practical Guide to Protect Against Phishing and Scam Emails
Scammers are the worst. And I’m not talking about your weird uncle who takes the last of the stuffing at Thanksgiving. I mean the real ones – the clowns trying to steal your identity and take over your email. I come bearing good news; you can stop many of these dead in their tracks. And, I’m going to show you how to look like a genius.
Learn to Spot the Signs
When someone is trying to swindle you through a scam or phishing email, they often reside in countries where English is not the first language. First, kudos to them for knowing more languages than me, but that’s as much credit as I’m going to give them. With English frequently being a secondary language, look for clues in the writing. Are they posing as your credit card company here in the United States, but using the British spelling of words (e.g. “labour versus labor”)? Are there any typos in the email at all? These are the easiest signs to help you spot a fake. Large companies typically have teams of people reviewing messages for errors before they are sent. If you see an error, the chances of a fake are very high – beware.
Look Closely at the URL
Let’s say you bank at Second Galactic Bank and the website is http://secondgalacticbank.com. One day you receive an email claiming to be from your bank, asking you to provide your password with them online by clicking on a link in the email. How can you be sure this email is real or fake? First, your bank will never ask you for this information. Second, you can check the sender to ensure it originated from the site’s primary URL. For example, an email address from them should read as email@example.com, but you find that it comes from firstname.lastname@example.org. This is a sign that you should be highly suspect of the email and pair it with the other context clues – in this case, they are asking you to click a link and provide your password. To stay safe in a situation like this, contact your bank with the phone number on the back of your bank card and confirm that they have requested information from you.
Be Wary of Links
Clicking on a link can lead to disaster if you’re not careful. How do you know where a link will take you before you click or tap it? Luckily, your phone, tablet and computer all have ways to help you navigate links safely. On your computer, hover your cursor over the link; in the status bar at the bottom of the window (or in a bubble that appears) will be the actual link of where it’s going to take you. On your phone or tablet, long press a link and a window will appear telling you the true link. If this doesn’t make sense, think of the last time you were Rickrolled. You can label a link one thing while it directs you to another location – the ol’ bait and switch. While we’re on the topic of links, sometimes the true destination of links can be covered up with a URL shortener. URL shorteners are services that take long links and make a shorter version of them without revealing the destination. In this case, copy the shortened URL, do a search online for “url expander” and select one of the services. On the site, paste the shortened URL and the service will reveal the link’s destination, preventing you from having to click it.
Out of Character
In the real world we can all act a little out of character. Maybe we’re having a great day and we behave a little sillier than usual or maybe we’ve had a tough go that morning and we’re blue. Understanding out-of-character behaviors are easier in person than in an email. If you ever receive a message from a friend, coworker, or family member that seems out of character for them – say they ask you to sign up for a new service you’ve not heard of and they typically don’t do this – the best thing to do before clicking a link is to contact the sender via phone or text. Confirm that they did, in fact, send this email to you intentionally. Many times, the sender didn’t bother to check when they received a similar suspicious email and simply clicked the links, which then spammed their entire contact list. Even if this person did send you the email legitimately, it may be worth a quick Internet search if it sounds too good to be true.
Following these steps can help keep you safe online. In addition to these safeguards, it’s best to keep your computer’s antivirus software current and update all your devices with the latest security updates. Additionally, I also recommend you establish two-factor authentication on as many accounts as you can. Stay safe!