If you get an email message from an unknown sender that is trying to direct you to sign into a website, it’s time to raise your brow in suspicion. This is mainly if the message is pressing you to give out a password or social security number, since any legal or corporate entity won’t ever ask for this type of data through email or instant messaging.
Also, ensure to double check the address from which the email was sent, since many phishing attacks use one that might resemble the real company’s official address a lot, but is in some way slightly different.
2. Identify suspicious emails
If you receive an email from an institution you are working with that is not the sort of message you expect to receive from it that is asking you to sign into a website, then this is a major red flag.
You should especially watch out for security warnings such as emails or even telephone calls announcing that your account has been breached. This is a common phishing method. In these cases, do not click on the attached link but rather go into the respective company’s official website and log in from there just to check that your account is in order.
3. Think before clicking
One of a hacker’s main objectives is to install malware or a Trojan onto their victims’ devices. Since executable files are generally blocked in email attachments, attackers have perfected their techniques of tricking users into downloading a harmful program over the internet or convincing them to visit a phishing website.
To safeguard yourself from such an attack, do not click on a URL unless it has been sent from a reputed site and that you have confirmed to be legitimate. Even if that’s the case, always type the website address in manually.
4. Look for mistakes
Many times you can identify an email message as a phishing one by the grammar and spelling mistakes that it is written with. Legitimate emails that have been sent from genuine companies are well articulated and have been verified for any spelling, grammar, or legality mistakes.
As such, if you discover an unexpected email in your inbox and it is from a company that you know yet it contains a lot of errors, then this is a definite sign it is a phishing scam. In this case, you can ignore the email and perhaps report it to the company that the fake is trying to replicate.
Even though there are no guaranteed solutions when it comes to antiphishing protection, it is highly recommended to also use antivirus software that provides defense against this cyber threat. And by ensuring your firewall is on and the antivirus is up to date, you’ll block any new threats before they can take place.