Modern IT infrastructure is getting harder and harder to “hack”, so these nefarious agents have turned to a new tactic…they send a fake email and simply wait for someone to hand over their passwords or sensitive information. It’s a tactic called email phishing, and here are some tips on how to avoid becoming a victim of fraud.
What is Phishing?
Simple Definition: Phishing is when someone tries to trick you into giving away your personal information like credit card numbers, passwords, or even access codes to buildings by pretending to be someone you trust in an email.
How Phishing Works
Fake Emails: Phishers send emails that look like they come from a real company or person, often using legitimate company logos, employee names, and contact information.
Urgency and Fear: These emails often say there is a problem with your account or that you need to act quickly to avoid trouble. They often use urgent language to instill anxiety about fixing a problem that doesn’t exist.
Signs of Phishing
Suspicious Email Address: Check the email address carefully. If it is not from an official or familiar source, be cautious. Phishers often use email addresses that look similar but have small changes. For example, our email of @heartlandtrust.com might be made to look like @banks.heartlandtrust.com and these small changes are what often get overlooked.
Grammatical Errors: Phishing emails often have spelling mistakes or awkward language. Frequently English is not the native language of the people carrying out these attempts.
Unusual Requests: Be wary if the email asks for personal information. Another very common scam is to ask you to buy and provide gift card numbers or crypto currency to fulfill payments.
Links and Attachments: Don’t click on links or open attachments unless you are sure they are from a trusted source. PRO TIP: If you move your cursor over hyperlinks without clicking, it will show you a preview of where that link will take you.
What to Do if You Receive a Suspicious Email
Do Not Respond: If you think an email is a phishing attempt, don’t reply to it or click on any links.
Verify: If the email claims to be from a company you use, contact the company directly using a known phone number to verify the email’s legitimacy. A reputable business should be glad to take your call and verify that they did indeed send the message to you. Do not use the phone number in the suspicious email, it may have been changed to a fake number that will call the individuals rather than the alleged company. Hackers will often spoof phone numbers to call you, and it may show up on your caller ID as a known number of the company they are purporting to be.
Report It: You can report phishing emails to your email provider. Most modern email providers have a type of “Report Phishing” button or option somewhere in the taskbar.
Above all, ask someone you trust if you have an inkling that an email is not legitimate. Getting a second opinion could save you a lot of time and headaches.
