How to Spot Phishing Messages Like a Pro
“Phishing” emails appear to be from a legitimate source but trick you into providing personal information or credentials.
The Federal Trade Commission defines phishing as “when a scammer uses fraudulent emails or texts, or copycat websites, to get you to share valuable personal information.”
This is why it is important for everyone learn to spot fraudulent phishing messages. Ready to take a deep dive? Learn about specific kinds of phishing attacks called “spear phishing” and “whaling.”
Think you’ve got a good eye for an attempt to phish your personal information? Let’s take a look at some example phishing email messages.
Subject: Low Cost Dream Vacation loans!!!
We understand that money can be tight and you may not to be able to afford to go on vacation this year. However, we have a solutions. My company, World Bank and Trust is willing to offer low cost loans to get your through the vacation season. Interest rates are as low at 3% for 2 years. If you are interested in getting a loan, please fill out the attached contact form and send it back to us. We contact you within 2 days to arrange a deposit into your checking account.
Please email your completed form to VacationLoans@worldbankandtrust.com.
Subject: Free Amazon Gift Card!!!
You name has been randomly selected to win a $1000 Amazon gift card. In order to collect you prize, you need to log in with your Amazon account at the link below and update your contact information so we can put your prize in the mail. This is a limited time offer, so please respond to the request within 2 business days. Failure to respond will forfeit your prize and we will select another winner.
Subject: Urgent – Take Action Before Your Email Account is Deactivated
Following changes to our Microsoft email systems, each user must authenticate their account to prevent it from being deactivated. You can accomplish this by heading to the link below and entering your Microsoft Outlook email account credentials, and then we will know your account is active and should remain so.
Helpdesk Support Team
Protect Yourself From Becoming a Phishing Victim
- Treat with suspicion any email that you didn’t expect to receive.
- Legitimate subject lines are usually detailed and specific. A generic subject line can be a key indicator of a phishing scam.
- Look for unprofessional spelling and grammar errors.
- Unnecessary urgency is suspect. Use your intuition and, if something “feels” wrong, call the sender’s organization to validate the email.
- If it seems too good to be true, it probably is.
- Hover over links to see if the web address is legitimate and relates to the email’s content.
- Check for odd phrases and word choices based on your knowledge of the sender.
- Verify any email that asks for personal information (e.g., birthday, Social Security Number, username, password) by independently looking up the sender’s contact information.
- Watch for improper or unusual use of copyright information, logos, and graphics that could make the email appear to be official.