Ten Tell Tale Signs of Phishing
The “tells” you can look for to help suss out potential scams.
1. It just doesn’t look right. Is there something a little off with a particular email message? Does it seem too good to be true? Trust your instincts.
2. Generic salutations. Instead of directly addressing you, phishing emails often use generic names like “Dear Customer.” This use of impersonal salutations saves the cybercriminals time.
3. Links to official looking sites asking you to enter sensitive data. These spoofed sites are often very convincing, so be aware of what personal information or confidential data you’re being asked to reveal.
4. Unexpected emails that use specific information about you. Information like job title, previous employment, or personal interests can be gleaned from social networking sites like LinkedIn and is used to make a phishing email convincing.
5. Unnerving wording. Thieves often use unnerving wording (such as saying your account has been breached) to trick you into moving fast without thinking and in doing so, revealing information you ordinarily would not.
6. Poor grammar or spelling. This is often a dead giveaway. Unusual syntax is also a sign that something is wrong.
7. Sense of urgency. “If you don’t respond within 48 hours, your account will be closed.” By creating a sense of urgency, the thieves hope you’ll make a mistake.
8. “You’ve won the grand prize!” These phishing emails are common, but easy to spot. A similar, trickier variation asks you to complete a survey (thus giving up your personal information) in return for a prize.
9. “Verify your account.” These messages spoof real emails asking you to verify your account. Always look for signs of phishing, and always question why you’re being asked to verify – there’s a good chance it’s a scam.
10. Cybersquatting. Often, cybercriminals will purchase and “squat” on website names that are similar to official websites in the hopes that users go to the wrong site e.g. www.google.com vs. www.g00gle.com . Always take a moment to check out the URL before entering your personal information.
For more tips and tools to stop phishing, visit www.sophos.com/prevent-phishing