What is phishing email and how to spot them?

What is A Phishing Email? Spot and Report

Last updated on Editor's Desk

A phishing email is an attempt to steal your personal, business, or financial information by promising you something that you were never expecting. Phishing is an attempt to tempt you into a trap, which may or may not also include social engineering, and makes you give away your data in lieu of something huge but fake.

How Does Phishing Work? An Overview

In most cases, phishing emails promise you loads of money and ask you for your information. In other cases, they direct you to a lookalike website and capture (steal) all your data. For example, they may make an email look like it is from PayPal and when you click on the links embedded in the email, it takes you to a website that looks like PayPal but is not PayPal. When you enter your information into the website, it is stolen and misused.

In still some other cases, they promise you a huge sum of money as a loan or as a donation and make you pay some money upfront. You pay the money and keep waiting for your loan while the people involved are comfortably living off that money. You must be careful and not fall for any such phishing emails. This explains what a phishing email is.

How to Spot a Phishing Email?

Some easy methods to spot phishing scams are checking spelling, email addresses, etc. This section on how to spot phishing emails looks at these methods.

Check the Origin of Email

The first thing to check in case of emails that seem to appear from your bank or anything similar is the origin of the email address. If it is in the format of [email protected], it is not from your bank as it shows it is from something.com. Some may take a step ahead and create email IDs like info@bank_name.something.com. Again, in this case, the bank_name is just a subdomain of something.com and the email origin is that subdomain and not your bank. If the email source is something like [email protected], you have reasons to trust the email.

Spotting Phishing Email: Cross Check with the Sender

If you are not sure, call up your bank, PayPal Support, or any other institutions that the phishing email looks to be from. Genuine financial institutions do not ask you for your details in an email.

Who is the Email Addressed To?

Check to see who the addressee is. In most phishing scam cases, the ‘To’ field is either empty or “recipients.”. If the ‘To’ field or ‘CC’ field does not contain your email address and the email does not address you by your name, don’t fall for it.

No one would want to donate huge sums of money to someone they do not know. If they really wish to donate money, they will perform background checks of charities/trusts and then give it to charity (the researched institutions). Do not even care to reply to such emails. Simply delete them.

Money Transfer Emails

You may receive what seems to be genuine letters from frauds, written from the core of their heart, about how they are dying or are oppressed and hence wish to transfer huge sums of money to your bank accounts and offer you a percentage for the transactions. Replying to such emails is calling for trouble. You may get into legal hassles even if the transactions are genuine. But in most cases, it is just to get your details and then use them illegally.

Phishing Emails About Loans Without Surety

Random emails from loan companies that look genuine. Beware as they will ask you to provide an upfront payment so that they can get the loan insured. That does not happen. Even if you pay the money upfront, the loan money will never come. This is just a technique being adopted by phishing emails to lure people as everyone has plenty of needs and may easily fall for an unsecured loan. But you know it is not the case. It is just a phishing email.

Check the URLs to Spot a Phishing Email

If the emails contain hyperlinked text, hover your mouse over it. A small information window may appear – showing you the URL. If the window does not appear, right-click on the hyperlinked text and click on copy link. Then paste it in Notepad or somewhere to see what it is exactly. Again, check to see if the URL is genuine by following the steps outlined above. For example, https://paypal.something.com is not PayPal. Only https://paypal.com is PayPal.

Emails About You Winning Something

Some emails claim that you won a prize. Don’t be happy. Try to remember if you entered any contest. If not, then how can you win? Common sense here is to not go for prizes of contests you did not enter.

Similarly, emails saying “Your package is Waiting To Be Delivered” are phishing scams. You need not know about the package if you never ordered anything. Don’t EVER open attachments that are generally sent in with such emails. The attachments could be malware that can log your keystrokes and send information back to the sender of such phishing emails.

Use Only Original URLs to Avoid Phishing Scams

Many times, you will receive emails from imposters posing as financial institutions such as PayPal. The content of such emails says you should take immediate action after confusing you by saying the account is blocked or something similar. DO NOT CLICK URLS IN EMAILS. Use the original URLs. That means, instead of clicking the hyperlinks in the email, open your browser and type the original URL to get to the site to see your account status.

Above are some hints on how to spot phishing email scams. The next section deals with how to report phishing emails.

How and Where to Report Phishing Emails?

You can choose to report phishing emails to the companies that are mentioned in the text of the phishing suspects. Just forward the phishing email to the real company asking if it sent any email to you. They’ll help in identifying the phishing email and would take action as required.

You can also report to the cybercrime branch of your state or province. Different countries have different cyber crime contact information. For India, the cybercrime number is 1930. You may also want to file a soft copy complaint at the cyber crime website of GoI. Check out the different options at Cyber Crime Portal of the Indian government. For crimes in the US, check out their IC3 website.

Social networking sites have made it easier to report phishing scams or any other cyber crimes. Just send a tweet tagging the handle of the police in your area. They’ll forward your complaint to the cyber crime department in your country.

Hope you now understand how to spot a phishing email and how to report a phishing email. If not, please comment below and we’ll get back to you as soon as possible.

Want mental peace? Stay grounded in God.
Subscribe to our weekly newsletter for wisdom from sage Ved Vyas, sage Vashishtha, Swami Vivekananda, and others. Get a Free PDF of the Chapterwise Summary of the Bhagavad Gita upon signup. Click the button below for details.

We all need some spiritual therapy to live better. Receive daily spiritual nuggests only on Hinduism Online Group Therapy on the Telegram app. Preview and join now. Click the button below. It's free.

Related Posts

Arun Kumar Acharya is a student of the Hindu religion and spirituality. His vision is to serve humanity by sharing what he learns from the Hindu scriptures. This blog is his nonprofit initiative to spread awareness about the core teachings of Hinduism. He can be contacted at https://t.me/powercutin