Every day countless phishing emails are sent to unsuspecting victims all over the world. While some of these messages are so outlandish that they are obvious frauds, others can be a bit more convincing. So how do you tell the difference between a phishing message and a legitimate message? Unfortunately, there is no one single technique that works in every situation, but there are a number of different things that you can look for.
1. The message contains poor spelling and grammarWhenever a large company sends out a message on behalf of the company as a whole, the message is usually reviewed for spelling, grammar, legality, and a number of other things. As such, if a message is filled with poor grammar or spelling mistakes it probably didn’t come from a major corporation’s legal department.
2. The message asks for personal informationNo matter how official an email message might look, it is always a bad sign if the message asks for personal information. Your bank doesn’t need you to send them your account number. They already know what it is. Similarly, a reputable company should never send an email asking for your password, credit card number, or the answer to a security question.
3. The offer seems too good to be trueThere is an old saying that if something seems too good to be true, it probably is. That saying holds especially true for email messages. If you receive a message from someone unknown to you who is making big promises, then the message is probably a scam. After all, why would a Nigerian prince that you have never heard of contact you to help him smuggle money out of his country?
4. You didn’t initiate the actionJust yesterday I received an email message informing me that I had won a contest!!!! The only problem is that I never entered the contest. If you get a message informing you that you have won a contest that you did not enter then you can bet that the message is a scam.
5. You are asked to send money to cover expensesOne sign of a phishing E-mail is that you will eventually be asked for money. You might not get hit up for cash in the initial message, but sooner or later a phishing artist will likely ask for money to cover expenses, taxes, fees, or something like that. If that happens, then you can bet that it’s a scam.
6. The message makes unrealistic threatsAlthough most of the phishing scams seem to try to trick people into giving up cash or sensitive information by promising the victim instant riches, other phishing artists try to use intimidation to scare the victim into giving up information. If a message makes unrealistic threats then the message is probably a scam. Let me give you an example.
Several years ago, I received a very official looking letter that was allegedly from Bank of America. Everything in the letter seemed completely legit except for one thing. The letter said that my account had been compromised and that if I did not submit a form (which asked for my account number) my account would be canceled and my assets seized. Only thing was, I did not have a Bank of America account.
But what if I were a Bank of America customer? That might've made me think twice. The best thing to do with an email from a bank, or the IRS, that seems to be making demands – is to go directly to their website (by typing in the address, NOT clicking any links in the email!) or call the bank and ask what is going on. They'll know!
7. The message appears to be from a government agencyPhishing artists who want to use intimidation don’t always pose as a bank. Sometimes phishing artists will send messages claiming to have come from a law enforcement agency, the IRS, the FBI, or just about anything else that could scare the average law abiding citizen.
Follow the same cautions as #6 above, either ignore the email or contact the agency directly.