This post may contain affiliate links that earn me a small commission, at no cost to you. As always, I only recommend links I personally use and love!
In the digital age, our inboxes are filled to the brim with emails, making it a prime target for cybercriminals. One of the most common online scams is phishing, a deceptive practice where scammers pose as legitimate institutions to trick you into providing sensitive information. In this article, we’ll explore what phishing is and highlight 10 red flags to help you spot a phishing scam. By staying informed, you can protect yourself and your information from these digital predators.
What Is Phishing?
Phishing is a type of online scam where criminals send an email that appears to be from a legitimate company and ask you to provide sensitive information. This is usually done by including a link that will appear to take you to the company’s website to fill in your information – but the website is a clever fake and the information you provide goes straight to the crooks behind the scam. The term ‘phishing’ is a spin on the word fishing, because criminals are dangling a fake ‘lure’ (the email that looks legitimate, as well as the website that looks legitimate) hoping users will ‘bite’ by providing the information the criminals have requested – such as credit card numbers, account numbers, passwords, usernames, and more.
Urgent or Threatening Language in the Subject Line
Phishing emails often use urgent or threatening language to create a sense of panic and prompt you to act quickly without thinking. They might claim your account has been compromised or that immediate action is required to avoid a penalty. Always take a moment to think before you click.
Requests for Personal Information
Legitimate companies will never ask for sensitive information, such as your password, credit card number, or social security number, via email. If an email asks for this information, it’s likely a scam.
Poor Spelling and Grammar
While anyone can make a typo, an email from a legitimate company will rarely have major spelling or grammar mistakes. If an email is riddled with errors, it’s a red flag that it might be a phishing scam.
If you hover over a link in an email (without clicking it), you can see the actual URL. If the URL doesn’t match the text of the link or the company it’s supposedly from, it’s likely a scam.
Emails That Don’t Use Your Name
Legitimate companies will usually address you by name in their emails. If an email starts with a generic greeting like “Dear customer,” it might be a phishing scam.
The Email Is Unsolicited
If you receive an email you weren’t expecting, especially one asking for personal information or urging you to click on a link, be wary. It could be a phishing scam.
The Email Contains Poor Quality Images
Legitimate companies typically use high-quality, professional images in their emails. If an email contains low-quality images, it might be a scam.
The Email Asks You to Verify Your Account
Phishing scams often ask you to verify your account or update your password by clicking on a link. Remember, legitimate companies will never ask you to do this via email.
The Offer Seems Too Good to Be True
If an email offers something that seems too good to be true, like a large sum of money or a free vacation, it’s probably a scam.
The Email Is From a Public Email Domain
Legitimate companies will usually send emails from their own domain (like @company.com), not a public email domain like @gmail.com or @yahoo.com. If an email is from a public domain, it’s a red flag.