1. Disguised Email Links
Many hackers create fake websites or landing pages to lure in potential victims. They might include a hyperlink within the body of the email and encourage you to click. Spotting a fraudulent link means you can spot a potential phishing scam before getting in too deep.
One of the easiest ways of identifying a website is by hovering your cursor over the recommended link. Your browser will show you the destination of that link; if the destination doesn’t match one you recognize, or the one that’s mentioned in the email, don’t click through.
2. Grammar Errors And Typos
Emails coming from professional institutions (for example your bank) are highly unlikely to contain grammatical or spelling errors. If you receive an email purportedly coming from such an institution or professional body that contains glaring mistakes and errors, consider this a large red flag for online safety. Should you receive such an email, we’d recommend moving it to your spam folder or deleting it straight away, without engaging with it.
3. Sender’s Email Address
More than nine times out of ten, emails from a professional institution will come from a dedicated domain; it’s highly irregular to say the least to find professional emails coming from common public email domains such as Gmail or Hotmail. Check the actual sender’s address if you suspect an email might be a scam – anything that doesn’t look like the name of a business, bank or other familiar professional body should be treated with caution.
It’s also a good idea to pay attention to how the sender addresses you. A professional sender from an identifiable or familiar institution is likely to have your full name, or your business’ full name at the very least, and will address you as such. It’s fairly common for scammers to send out a blanket phishing email addressed to ‘Dear Client’ or just using your email username. Emails that begin this way should certainly be examined carefully.
4. Requests For Confidential Details
No bank, financial institution, or other professional company will request personal or sensitive data over email – this includes your PIN, password, and username. If you receive an email asking for this data, it’s a fairly safe bet that its part of a phishing scheme.
Other requests of this type include invitations or offers of things you don’t recognize, or never applied for; unless you’re sure you recognize the sender, it’s safest not to engage with the email.
We’d also recommend avoiding filling out online questionnaires or Google Forms, as the data you input might be visible to scammers.
In summary, it’s always wise to be vigilant and cautious when working online or using email. Your first port of call should always be double-checking that the sender’s address and the name is genuine. Another thing to look out for when browsing is the padlock icon in the address bar, which indicates a secure connection.