Security Corner: Beware of Fake Emails
We have all seen it, those emails that appear in our inbox that have a subject of “Your service will be disconnected unless you act now,” “Reset your password now,” and “There’s a problem with your account.” Some of these look like the real thing and your instinct might be to immediately address the request but BE CAREFUL. Before you click a link, open an attachment, or respond, to the email, be sure to check a few things:
- Are there blatant misspellings in the subject line or body?
- Does the company font or logo not match what you would typically see online from that specific company?’
- Does the From email address appear to be from a non-company domain (i.e. yahoo.com, gmail.com, outlook.com, etc.)
- Does the From email address appear to excessively long or doesn’t make sense (i.e. firstname.lastname@example.org or email@example.com)
Here’s a real-world example of a scam email:
Imagine you saw this in your inbox. Do you see any signs that it’s a scam? Let’s take a look.
The email looks like it’s from a company you may know and trust: Netflix. It even uses a Netflix logo and header.
The email says your account is on hold because of a billing problem.
The email has a generic greeting, “Hi Dear.” If you have an account with the business, it’s unlikely you’ll see a greeting like this.
The email invites you to click on a link to update your payment details.
While, at a glance, this email might look real, it’s not. The scammers who send emails like this one do not have anything to do with the companies they pretend to be. This is a phishing email, where scammers are looking to obtain your personal information and can have real consequences.
If this does pass the “sniff” test and you click on a link, and you are sent to what appears to be a company website, but your password manager software doesn’t auto-populate the login, you might be at a scam site. Close your browser, and don’t go any further.
If you suspect you’re the recipient of a scam or phishing email, go directly to the web site from a new browser session and log into your account. Type in the website you know or Google it, don’t paste the link from the email. Banks, credit card companies, service providers will mostly likely send you a notice within your account if there is a problem or if they need something from you. Or, you may call the customer service department of the company and inquire about the request directly.
Alternatively, you can always forward your questionable emails to us at firstname.lastname@example.org and we’ll help determine if it’s legitimate or not.