There always seem to be scammers trying to trick you into giving them your personal information. Unfortunately, in our digital age, phishing scams are becoming more and more popular these days. Despite even the most advanced technological security features, we are all still vulnerable to attacks, which means that you need to be extra cautious with what you do on the Internet. Today, we’ll show you how to protect yourself against phishing scams. 

What Is Phishing?

Phishing is a form of online fraud that tricks you into providing personal information by pretending to be someone or something else. For example, a phishing scammer will often send you an email that looks like it’s from a company or organization that you trust. In most cases, the emails will try to get you to click on links within them, which can lead to more problems, malicious software designed to take over your computer, or they’ll ask for personal information, passwords, etc.   

Phishing can occur over the phone, with SMS, or with email, this last one being the most common and the one we’ll be teaching you how to spot and protect yourself against these attempts. 

How to spot a phishing attempt?

The best way to spot a phishing attempt is to keep an open eye on these common tactics:  

• Including a fake invoice. 
• Fake shipping or delivery notifications. 
• Fake purchase confirmations & invoices 
• Asking you to confirm your personal information. 
• Claiming there’s a problem with your account or payment information. 
• Notifying you of a suspicious activity or log-in attempts. 
• Asking you to click a link to submit payment.  
• Promises of attractive rewards. 
• Charity or gift card scams 
• Use of urgent or threatening language 

These are just a few ways a scammer will trick you into clicking a link or opening a dangerous attachment. Now, there are other vital details to spot a phishing attempt. ALWAYS pay attention to these to determine if an email is safe or not: 

• Who sent the email? The most common way to spot a phishing attempt is to check the sender’s email address. If it’s not from someone or something you know, there’s a good chance it’s a scam. 

• Check the subject line and the body of the email. Always examine the subject line of an email before opening or responding to it. If you have already opened it, check the body of the message. You’re dealing with a scammer if there are misspellings, grammatical errors, or poor formatting. 
• Any suspicious links or attachments. Phishing emails often include outbound links that will redirect you to a page that is broken or not a valid URL. If you can’t see the complete URL, hover over any links in the email and see if they look legitimate. If you don’t recognize the link, DON’T CLICK IT. 
• Check the type of content in the email. Examine the overall tone of the email. Most phishing attempts work by expecting you to panic over what’s on this email. It could be like, “We need a payment ASAP or else…” “We will delete your account if you don’t click this…” and so on. If it’s way too pushy, the best you can do is double-check if something is truly going on.

Here are some examples of a phishing email:

As you can see on this screenshot, the sender is an email that does not belong to the company they say they are. You can see that it ends on @outlook.com, and most businesses (at least as big as Facebook – Meta) would use a custom domain with their name, like @facebook.com. Seeing this is enough to know that the email we are looking at is a phishing attempt. But sometimes, they have more convincing emails that look more natural, so let’s look at the other flaws of this phishing attempt. A business like Facebook starting an email with “Hi Dear” is weird, let alone the link they attach. We can see that it looks like a real link from Facebook but don’t fall for it. And last, there’s a typing error at the end of the email.

On this other screenshot, the same happens with the sender’s email. It’s a weird email ending on @outlook.com. The attached link here looks more suspicious than the other one; we can see that instead of the “www” at the beginning, it says “web”. So we can already see that this is not an official link of Facebook by any means.   

You can read more about Facebook phishing attempts on the Facebook Help Center. 

How to protect yourself from phishing attacks?

While we would love to think that our email provider is perfect and will automatically filter out any suspicious or wanted emails, that’s not always the case. Scammers have gotten better at outsmarting spam filters, making it easier for them to make their way to your inbox. Therefore, it’s always a good idea to be aware whenever you check your email. 

• Think before clicking on any links, and follow the tips we shared with you. 
• Make sure your computer’s security software is up-to-date.  
• Do not share personal or financial information via links found in emails. If you suspect it could be a real email, always contact the company that supposedly sent you the email first, with a call or a message on their social media, so you can ask them directly if something is wrong. Search their contact info on their website on Google, DO NOT click on anything on the email.  
• Protect your accounts by using multi-factor authentication. 

We hope this information helps keep you secure next time you receive a sketchy email. Always contact any business only on official channels to avoid getting scammed.