Phishing scams are still among the most potent of cyberattacks, claiming thousands of victims every year. The scams aren’t as simplistic as they used to be, either. Their complexity has increased, and the sophisticated hackers behind them know exactly how to exploit their victims to get what they want.
In this guide, we’ll cover 10 signs of a phishing scam, so you can protect both yourself and your business. This guide is for business owners and everyday people looking to avoid one of the internet’s most common scams.
1. Strange Language
Remember the Nigerian Prince scam from the early 2000s? Believe it or not, this scam raked in millions of dollars from people who fell for it, and, surprisingly, still brings in about $700,000 per year.
The emails were usually written in strange-sounding language (of course, that’s what helped to sell it). Words are often mismatched, misused, or it’s clearly written by someone whose first language isn’t’ your country’s primary language.
2. Check The Domain/Address
Often, phishing emails come from domains that don’t match up or that seem fishy. You’ll also find a different domain in the email address than the one it sends you to. This is a surefire sign of a scam. If a legitimate company sends you an email or an offer, it should take you to their website, or the one that’s listed on the email.
That doesn’t mean every domain that matches is legit, either. Be cautious with the links you follow.
3. Creating Urgency
Phishing scams are great at creating a false sense of emergency or danger. We’ve all gotten emails that say, “If you don’t act now, your account will be closed” or something similar. These threats are simply scare tactics, and while you might think you’d never fall for them, thousands of people do every year. Often, the threats are disguised as government agencies or official institutions like banks. For someone who’s not very literate in terms of the internet, this can be the perfect scam.
The bottom line? You probably won’t get an email about your assets being seized or the IRS suing you, so just delete it, follow up with the proper agency, and verify things before you do anything.
4. Don’t Open Any Attachments
Some phishing scams have suspicious attachments that just don’t look right. For example, if you get a blank email with no subject and a .zip file, it’s probably a good idea to delete it ASAP. It’s tempting to click that attachment, but you need to resist and save yourself the trouble of a possible hacker attack.
Some .zip files can download viruses and even lift passwords from your computer. Passwords should always be stored securely via a password manager online in order to avoid such an attack. Also, don’t download suspicious files.
5. Strange Requests Or Demands
Phishing scams often make strange requests or even demands. These aren’t exactly threats, but can be things like “please transfer me money so I can unlock my bank account and send you triple the amount back” (sound familiar?). Official organizations won’t request account information or make such requests via email, so it’s safe to assume you’re being phished.
6. “Confirm Your Information For Our Records”
I’ve personally received about a million of these emails. It’s always some vague website that wants to “verify your identity” or “verify your information for our records”. If you click the link, you’re either redirected to a shady website or prompted to put personal information into a web form. Do not do this. If you believe a legitimate organization needs to verify your records, call them. Government agencies don’t ask for personal information through email.
7. Poorly Written Sentence Structure/Grammar
A lot of phishing emails come from outside the country, and they’re usually written pretty poorly. Meaning so poorly that a kindergartener could have written them better. Think about it—would a legitimate organization send out an official email with tons of spelling and grammar mistakes? Probably not. Most organizations will have editors/copywriters for such things.
8. Offering Something You’ve Needed, But Sounds Too Good To Be True
You’ve been job searching for months, and one Monday, you get an email with a job offer that sounds too good to be true. It’s an unprompted email—you never reached out to the alleged business—but it’s offering something great. It’s probably a phishing scam.
9. You’re Getting An Email Related To Something You Never Did Or Participated In
If you get an email talking about how you’ve won the British lotto and are now the proud owner of around $1,00,000 in British pounds, it’s safe to assume you’re being scammed. After all, you live in North Carolina, and you’ve never even been to Britain.
10. Use Your Instincts
Perhaps the best defense you have against phishing scams is your instincts. If something feels wrong, it probably is. Your brain knows what to look for most of the time, and even though phishing scams have gotten more sophisticated, we’ve also learned a lot more about them. Look for things in the email that don’t seem right, and follow the previous nine tips to the tee. You’ll never be phished again!
