Too many companies have experienced a scenario that goes something like this. An employee comes into work and opens their email. One email, appearing to be from someone important (maybe the company CEO, a government official, or a similar figure), displays an urgent call to action. It might demand money or tell the recipient to verify their login details. Thoroughly convinced, the employee responds to the request or clicks through a link. That simple mistake compromises their personal security and the security of the company that employs them.
Email scams, also commonly called phishing attempts, are an insidious method used by hackers to trick victims into handing over their information. Some are easily detected, but as phishing becomes more sophisticated, it’s easy to miss the warning signs. Here are a few ways to tell if an email is legitimate or if you should report it as phishing.
Obvious Signs of a Scam
Some phishing tricks are so obvious or so commonplace that they’re the subject of jokes for many. Several glaring signs of a scam include:
- The classic “Nigerian prince” or “bank account in Ghana” story, where someone is offering to send you a lot of money
- Glaring mistakes in spelling or grammar
- Odd text formatting (for example, numbers or special characters sprinkled throughout the email for no discernible reason)
- A huge number of emojis or colorful symbols
- Easily disproven claims
- Urgent deadlines demanding an immediate response
Pro Tip: Some phishing scams are easy to spot. For instance, a common blackmail scam threatens to release supposed private webcam footage of the recipient. If your computer doesn’t have a webcam or you always keep it covered, you definitely know it’s a lie!
Subtler Red Flags
Other signs of a phishing scam are subtler. You’ll have to put in a little work to determine whether or not you’re being fooled. Less obvious signs of an email scam include:
- Links that don’t lead to the website they claim to (you can check this by hovering the cursor over the link)
- Company or government agency names that are just a little bit off (for instance, referring to the FBI as the Federal Business of Investigation rather than the Federal Bureau)
- Professional-sounding language in an email with faulty links or counterfeit business names
Always hover over links in an email to see where they actually lead. Furthermore, if any terminology or phrasing in the email sounds off, double-check to see if it’s legitimate.
How to Protect Yourself
There’s a very simple way to prevent yourself from falling victim to email scams: learn to recognize them! Teach yourself and your employees the signs of phishing and have a plan for handling these emails. But beyond that, consider hiring a professional security group to keep your computers safe. An antivirus won’t be enough against newer, more sophisticated attacks. Real-time monitoring and security alerts from a professional company will keep you informed and safe.
Blocking Phishing Attacks
Email is a relatively secure method of communication, but one mistake when dealing with a hacker can compromise that security. Learn to recognize phishing scams and train your employees to do the same. Only detailed knowledge of the threat will enable your business to identify and guard against hacking attempts.