A phishing email is an attempt to steal your personal, business, or financial information by promising you something that you were never expecting. Phishing is an attempt to tempt you into a trap – which may or may not also include social engineering – and make you give away all your details in lieu of something huge – but fake. Basically, a phishing email is bait sent to you with the intention to gather and misuse your credentials.
Table of Contents
How Does Phishing Work? An Overview
In most cases, phishing emails promise you loads of money and ask you for your information. In other cases, they direct you to a lookalike website and capture (steal) all your data. For example, they may make an email look like it is from PayPal and when you click on the links embedded in the email, it takes you to a website that looks like PayPal but is not PayPal. When you enter your information into the website, it is stolen and misused.
In still some other cases, they promise you a huge sum of money as a loan or as a donation and make you pay some money upfront. You pay the money and keep waiting for your loan while the people involved are comfortably living off that money. You must be careful and not fall for any such phishing emails. This explains what a phishing email is.
How to Spot a Phishing Email?
Some easy methods to spot phishing scams are checking spelling, email addresses, etc. This section on how to spot phishing emails looks at these methods.
Check the Origin of Email
The first thing to check in case of emails that seem to appear from your bank or anything similar is the origin of the email address. If it is in the format of [email protected], it is not from your bank as it shows it is from something.com. Some may take a step ahead and create email IDs like info@bank_name.something.com. Again, in this case, the bank_name is just a subdomain of something.com and the email origin is that subdomain and not your bank. If the email source is something like [email protected], you have reasons to trust the email.
Spotting Phishing Email: Cross Check with the Sender
If you are not sure, call up your bank, PayPal Support, or any other institutions that the phishing email looks to be from. Genuine financial institutions do not ask you for your details in an email.
Who is the Email Addressed To?
Check to see who the addressee is. In most phishing scam cases, the To field is either empty or “recipients.”. If the To field or CC field does not contain your email address and the email does not address you by your name, don’t fall for it.
Donation Related Phishing Emails
No one would want to donate huge sums of money to someone they do not know. If they really wish to donate money, they will perform background checks of charities/trusts and then give it to charity (the researched institutions). Do not even care to reply to such emails. Simply delete them.
Money Transfer Emails
You may receive what seems to be genuine letters from frauds, written from the core of their heart, about how they are dying or are oppressed and hence wish to transfer huge sums of money to your bank accounts and offer you a percentage for the transactions. Replying to such emails is calling for trouble. You may get into legal hassles even if the transactions are genuine. But in most cases, it is just to get your details and then use them illegally.
Phishing Emails About Loans Without Surety
Random emails from loan companies that look genuine. Beware as they will ask you to provide an upfront payment so that they can get the loan insured. That does not happen. Even if you pay the money upfront, the loan money will never come. This is just a technique being adopted by phishing emails to lure people as everyone has plenty of needs and may easily fall for an unsecured loan. But you know it is not the case. It is just a phishing email.
Check the URLs to Spot a Phishing Email
If the emails contain hyperlinked text, hover your mouse over it. A small information window may appear – showing you the URL. If the window does not appear, right-click on the hyperlinked text and click on copy link. Then paste it in Notepad or somewhere to see what it is exactly. Again, check to see if the URL is genuine by following the steps outlined above. For example, https://paypal.something.com is not PayPal. Only https://paypal.com is PayPal.
Emails About You Winning Something
Some emails claim that you won a prize. Don’t be happy. Try to remember if you entered any contest. If not, then how can you win? Common sense here is to not go for prizes of contests you did not enter.
Similarly, emails saying “Your package is Waiting To Be Delivered” are phishing scams. You need not know about the package if you never ordered anything. Don’t EVER open attachments that are generally sent in with such emails. The attachments could be malware that can log your keystrokes and send information back to the sender of such phishing emails.
Use Only Original URLs to Avoid Phishing Scams
Many times, you will receive emails from imposters posing as financial institutions such as PayPal. The content of such emails says you should take immediate action after confusing you by saying the account is blocked or something similar. DO NOT CLICK URLS IN EMAILS. Use the original URLs. That means, instead of clicking the hyperlinks in the email, open your browser and type the original URL to get to the site to see your account status.
Above are some hints on how to spot phishing email scams. The next section deals with how to report phishing emails.
How and Where to Report Phishing Emails?
You can choose to report phishing emails to the companies that are mentioned in the text of the phishing suspects. Just forward the phishing email to the real company asking if it sent any email to you. They’ll help in identifying the phishing email and would take action as required.
You can also report to the cybercrime branch of your state or province. Different countries have different cyber crime contact information.
Social networking sites have made it easier to report phishing scams or any other cyber crimes. Just send a tweet tagging the handle of the police in your area. They’ll forward your complaint to the cyber crime department in your country.
Another easier method is to report the phishing email to your email provider. Almost all email clients and some cloud-based emails (e.g. Outlook, and Gmail) have the option to report junk and phishing emails.
Hope you now understand how to spot a phishing email and how to report a phishing email. If not, please comment below and we’ll get back to you as soon as possible.
Don't be good. Be great. Learn from Lord Krishna and Swami Vivekananda. For details, click the button below.
What Is Real Hinduism?
Ask, share, and learn about Hindu Philosophy and practices. Click the button below. It's a free service.