6 Tips to Spot Phishing Like an Expert

Who bothers to research the latest scams, malware, or phishing techniques? Not many of us. We all have more fun things to do online. Besides, you’re too smart to be scammed by some online trickster.

Or are you? According to most statistics, most of us (over 90%) wouldn’t easily identify a “sophisticated” phishing attempt.

Phishing is an attempt by a hacker to lure you into giving away personal information, usually with a deceptive email. If you take the bait, you are tricked into giving away information like passwords or your Social Security Number to a hacker.

There are phishing phone calls, but phishing email cons are by far the most effective.

Why are phishing scams successful?

Because not enough people are aware that phishing is so commonplace. One estimate says that more than 150 million phishing emails are sent out every day, and those deceptive emails manage to catch 80,000 victims daily.

Don’t be one of them. The best thing to do is to use this six-point process to spot the shiny online lures that are trying to hook you. If you spot one of these common email approaches, it’s likely a phishing email.

1. The email asked for personal information.

Don’t give it. No matter how legitimate an email may seem or look, your real bank or credit card account will NEVER ask you to verify personal information over email! If ANY email requests your account number, driver’s license, or Social Security number, it’s certainly a phishing attempt. Think about it: When was the last time your bank sent you anything besides a paperless statement by email? Probably never! Don’t be fooled.

2. The URL in the email doesn’t match the actual online address.

It’s a trap. If you click a link on a phishing email pretending to be a really company or agency, it would take you to a bogus website. You’d discover, upon examination, that the URL in the address bar doesn’t match the way the address was in the email or the normal address for that company or agency.

A spammer can create a link that looks legitimate in the email, but when you click it, it takes you to a bogus site run by online thieves. You might think you’re going to the IRS’s website at irs.gov, but the link opens to TheRealIRS.com – a fake site made by scammers. You could easily download malware from such fake sites, or if you’re totally fooled, you could even send them some private data.

3. The email is full of typos and errors.

Banks and other institutions can’t afford to look incompetent, so they hire proofreaders to make sure their emails are flawless. Scammers, on the other hand, don’t use spell check or dictionaries. Some of the easiest tip-offs to a phishing email are poor grammar and obvious spelling mistakes. If the email supposedly from your bank says you need to update your acount information or provide your personal indentification number (hopefully you caught those errors!), move on – it’s a scam.

4. The email promises that you won.

People don’t win contests they never entered. But you wouldn’t believe how many people will click a link just to see what they supposedly won. Marketers have used “You’ve won!” lures for decades, and now spammers use it too to convince victims to take the bait. The moment you see a contest-winning announcement email of any kind, delete it! You won’t be losing out, you’ll be saving yourself a lot of grief.

5. The email threatens that the authorities are coming to get you.

Most of us do our best to stay out of trouble. So getting an email (or a phone call) saying you’ve broken a law and need to pay a fine IMMEDIATELY or risk going to jail is terrifying. That’s what scammers are hoping for. They will intimidate you with threats of going to jail or seizing your home or assets until you pay.

But here’s the facts: Government agencies simply don’t operate that way. When in doubt, delete the email or hang up on the caller and look up the number for whoever the caller or email was pretending to be – but never respond to threats.

6. They insist you send money first.

Your brother might send you an email saying you owe him $100, and chances are you know that. But if a credit card company sends you an email payment request for $1,000 and directs you to a website for payment – and you weren’t aware you owed this $1,000 payment – don’t bite! Never send money unless you know exactly who you’re sending it to and why.

Scammers get money from victims for two simple reasons: They ask for it, and people send it to them! It’s as simple as that. If you don’t send the money, they’ll ignore you and move on.

Knock, knock, who’s there?

As a kid, you were taught not to open the door for everyone – not until you learned whom to trust and to recognize trusted people and faces. The same logic applies today to emails in your inbox, demanding your attention and response. You can’t let everyone in without looking at their intentions.

You have to filter ever communication you get, because some of them are going to be phishing scams or other kinds of scams. It’s more than okay to ignore emails from people you don’t know, don’t trust, and don’t owe any money to.