It seems that every year phishing emails increase around the holidays. This year is no exception. The common phishing email this year is the “order confirmation” email. The email appears to be confirming your purchase from an online retailer. Only problem is that you did not buy anything from them. Or maybe you did. The goal of the “order confirmation” email is to get you to either click on a link or open the email’s attachment by telling you to review your order. If you did not order anything you may be compelled to click or open to see what was ordered. If you have purchased from the online retailer you may assume it was for your legitimate purchase and click on the link or attachment. Either way the goal is to get you to click. If you do click you are unleashing the potential for malware, software with malicious intent, into your computer or portable device.
So how can you tell which is legit and which is phishing? Follow these simple tips.
- If the email starts with “Dear Customer” it is a scam.
- If the email is written in broken English it is a scam.
- Hover your curser over the sender’s name to reveal the real sender’s email address. Do they match? If not it is a scam.
- Hover, do not click, your curser over the link in the email. Does the URL match the URL in the body of the email? If not it is a scam.
- Google it. Search by either the sender’s email address, the subject line or the name of the company followed by “phishing email.”
- If you have an account with the supposed sender log in to your account and check the order history. If a purchase is not listed the email is a scam.
- If you do not have an account with the supposed sender it is most likely a scam. But just in case, monitor your credit card and bank transactions for fraudulent transactions. If detected report it the financial institution immediately.
So there you have it. Simple, easy to use tips to identify a phishing email.
Until next time, stay safe my friends.