Spam emails – we all get them, unfortunately, but some are harder to detect than others. Here’s a little information about what a “phishing” scam is and some handy prevention steps that can be followed.
Phishing is a form of online identity theft in which a scammer tricks people into submitting personal information to illegitimate websites or other untrusted sources. Phishing scams are usually presented in the form of spam emails (see example below), pop-ups, or even phone calls from people claiming to be with a company such as Microsoft or the CRA and are often difficult to detect. Once the scammers obtain your personal information, they can use it for all types of identity theft, putting your good credit and name at risk as well as the image of your company.
Because phishing is one of the most common forms of identity theft, it is important for us to become familiar with various types of phishing scams as well as to learn how to take basic action against it.
- Use the preview mode to browse the email content as much as you can before you actually open it (and do not click links, reply, or forward the email).
- Look at information such as sender name, sender email, subject line, receiver. Often spam emails try to mimic those from a bank or other recognized institution.
- If the email comes from an unrecognized sender and you question its legitimacy, contact technical support or the person/company directly via phone from their listed number on their published website (Google to find it – do not click any links in the email).
- Do not ever reply to the spammer or click the unsubscribe link. Delete the spam email. If you click on an unsubscribe email link or reply then this lets the spammer know that the email address is actively used and that they and others should target you.
- Be aware of website or redirection links. If you need to open a suspiciousmail which has an unrecognized sender’s address, avoid clicking links in the email. You never know what that link will do with your computer and with your email address behind the scenes.
- Should you click on a link accidentally and are prompted for your personal details, never give them – even if the email appears to come from an enterprise you do business with. Phishing websites often copy the entire look of a legitimate website, making it appear authentic. To be safe, call the business directly to see if the email is authentic. Legitimate businesses do not request personal information to be sent via email.
- The same goes for attachments: never download any attachment in emails from unknown senders (even if it is .doc, or .docx, or .pdf file). It is wise to open attachments only when you are expecting them and know what they contain, even if you know the sender. If you are unsure, contact technical support and let us help (and should you accidentally open or download an attachment that seems odd, please contact support immediately).
- Always keep your computer up to date. This is done by restarting your workstation at least once a week to ensure all patches and updates are applied to your machine.
Example phishing email.
Remember that you may be targeted almost anywhere online, so always keep an eye out for those “phishy” schemes and never feel pressure to give up personal information online. If you need any assistance or support, we are always here to help!