Between work and home, do you have any idea how many emails drop into your inbox each and every day? More than 10 but less than 50? More than 100? A number so high you don’t even want to know what it is?
Whatever your personal email tally is today, it’s almost guaranteed to climb higher tomorrow. The more mundane tasks we perform online, the wider we open the gates to our inboxes. A single purchase from Amazon, for example, might result in no fewer than three new emails from three different sources—Amazon, a shipping company, and the third party who actually sold you the used book.
To cyber criminals seeking to hack into your system, each one of those emails represents an opportunity. If they can generate an email that resembles something you’re expecting to receive, they can snag you. Say you’re in a hurry. You have 100 emails to sift through. You open the one that looks like it’s from your bank. Gotcha!
The first step in protecting yourself against a phishing expedition is to slow down. Pay attention to what you’re looking at, and be alert to these five warning signs.
- Misspelled Email Addresses. Government agencies and multinational corporations know how to spell their own names. GEICO may be your insurance company, but if you see an email from GEICO misspelled as GECO, that email is most definitely not coming from a legitimate GEICO representative. Delete.
- Shoddy Formatting. On a similar note, real businesses reaching out to their customers through email are not going to send a message that looks like it was formatted by someone who’s never used a word processor before. Weird spacing, empty lines in the middle of sentences, crazy font choices—those are all good indications that something isn’t right. Delete. If you feel a need to follow up, use the phone.
- Grammatical Errors. The emails you send to friends and co-workers might not pass muster in a college writing class. But if a supposedly paid professional representing a legitimate business sends you an email with misspelled words, incomplete sentences, or faulty punctuation, proceed with caution. Not sure? Pick up the phone.
- Requests for Personal Information. Any request for personal information via email should send up a bright red flag. But a request for personal info that asks you to click on an attachment or an external link should set off a virtual smoke alarm in your head. Do not click! Call the company and verify that they need to update your information.
- You’re a Winner! Good things do happen. People do actually win the lottery. But winners are not typically informed of their good luck by email. If an entity you are familiar with sends an announcement that you’ve won $100 or a new car, don’t trust it unless the message also includes the last four digits of your account number. And be cautious even then. Delete. Call the company.