It might sound the same, but this isn’t how you spend a relaxing Sunday afternoon. Phishing is an identity theft scam that uses an insidious email masquerading as one you can trust in an attempt to make off with your personal or financial information.
Watch for Coronavirus Phishing Scams
The new coronavirus isn’t just a global health issue, it also spills over into other facets of modern living, including phishing scams. Scammers use events like these to prey on the fearful by selling snake oil cures, promising cheap medical supplies, and even posing as legitimate organizations like the Centers for Disease Control and Prevention (CDC).
You can skip the scams and protect your personal data by following two simple rules:
Delete emails that claim to come from “official” sources. Instead, you should directly visit the websites of official sources like the CDC and the World Health Organization (WHO) for news and information.
Never click links in emails from unknown senders. Killer deals are usually too good to be true and news of vaccinations won’t come in your email. Instead you’ll learn about these from government officials, usually via the local or national news.
Phishing scams are so successful because they dress up like an important message from a legitimate company that you probably have a relationship with. These emails show up in your inbox either raising an alarm that your information may have been compromised so you need to verify it or asking for a routine update of account information.
They will always include a link that you need to click on in order to follow the instructions in the message. If you click on the link, chances are you’ll open the gateway for hackers to install malware or another virus on your computer. But all hope is not lost. You can take extra care to weed out phishing scam emails before they worm their way into your private data.
Double-Check before You Click
Before clicking on a link in any email, carefully review the contents, the email address it came from, and the type of information it’s asking for. If any of those seem “off” to you, don’t click.
Pay Attention to Sender Email Addresses
Phishing scams make up email addresses that closely resemble the real thing. If you have other messages from the company in question, look at them to see if the addresses are the same. Red flags include extra characters, a different domain extension (.org, .com, etc.), or different spelling.
Watch Out for Bad Grammar
Sloppy grammar, bad spelling, missing words, or improper tenses are dead giveaways that there’s something phishy going on.
Look for Company Info
Phishing scams like to copy logos, footers, disclaimers, and other identifying information to look legit. If any of these are missing or different than usual—or if it just doesn’t feel right—send the message to the trash and contact the company via phone.
Err on the side of caution if you have any inkling that an email may be part of a phishing scam. If you’re concerned about deleting a message that may be important to your account, contact the company directly by phone or a verified email address you’ve used in the past to report the message and find out if you need to do anything in regard to your account. You can also use anti-malware softwarethat helps weed out phishing scams when they try to enter your email account.
Rebecca is the lead safety reporter and in-house expert for SafeWise.com. She has been a journalist and blogger for over 25 years, with a focus on home and community safety for the past six. Rebecca spends dozens of hours every month testing and evaluating security products and strategies. Her safety expertise is sought after by publications, broadcast journalists, non-profit organizations, podcasts, and more. You can find her work and contributions in places like TechCrunch, The Washington Post, The Chicago Tribune, HGTV, MSN, and an ever-growing library of radio and TV clips. Learn more