Stay protected against phishing attempts by learning to identify common red flags in suspicious emails.
Common Phishing Red Flags
When dealing with phishing emails, it’s essential to be vigilant. Here are common red flags to watch out for:
- It’s sent from a public or free email domain. Scammers often use free webmail providers (like Gmail, Yahoo! Mail, etc.) while legitimate organizations communicate with their official domains.
- Mismatched “From:” name and email domain. If the sender’s name doesn’t match the domain (e.g., a bank using Gmail), be cautious and reassess.
- Spoofed company domain. Scammers mimic legitimate domains to appear trustworthy.
- Warnings from your email provider. If your email provider flags a message as suspicious or marks it as spam, take it seriously.
- Account issues or urgency. Scammers create urgency (e.g., account problems, suspicious activity) to pressure you into action.
- Suspicious links or attachments. Be wary of unexpected links or attachments. Hover over links to check their actual destination.
- Unrecognized invoices. If you receive an invoice you don’t recognize, verify its legitimacy.
- Offers and giveaways that are “too good to be true.” Scammers entice victims with fake offers.
- Blackmail threats or recordings. Ignore threats or claims of compromising recordings. Deepfakes are getting better at mimicking audio and video.
- Generic greetings. Legitimate emails personalize greetings; generic ones may be phishing attempts.
Protect Yourself from Phishing
When in doubt, always go through the purported source’s verified contact channels and website. Legitimate companies won’t ask for sensitive data via email, nor pressure you into paying money with threats of account closures or even physical retribution.
When in doubt, ALWAYS verify suspicious messages!
Use caution, and stay protected against phishing.