Malicious emails are more common than you think
In fact, during the course of working on this article, I personally discovered the perfect example of an email scam sitting in my inbox. With the subject line of “Eviction Notice,” the message claimed to be from my local sheriff’s office. Luckily, before even opening the email I was confronted with two red flags that raised my suspicion that this wasn’t a legitimate notice.
First, I’m currently not renting property to be evicted from. And secondly, the notice came to my work email, which I know I wouldn’t use for personal matters such as rental applications. Already having enough reason to be suspicious of the email, I carefully inspected it and noticed that the salutation was generic.
In fact, my name didn’t appear anywhere in the email at all—which is odd for a supposed legal notice. After searching “Eviction Scam” along with the case number included in the email, I discovered that this was a line-by-line copy of a common phishing email that prompts unsuspecting people to download more information about the fabricated eviction. By knowing what to look for, I avoided becoming another target of this phishing scam.
How to spot email scams
Not every email scam is as easy to spot, but there are steps you can take to learn how to recognize these fraud attempts. Phishing emails are a growing method through which identity thieves access your personal information. Posing as a recognizable company or a trustworthy friend, scammers often send fraudulent emails asking for your private information.
Over half of all internet users receive at least one phishing email every day. Social Security numbers, dates of birth, website login details—these are all items that an identity thief would love to have. If you do end up clicking the link and entering your details, scammers can then use your information for their own advantage. The resulting personal and legal problems can take years to clean up. Scammers use fraudulent emails in a variety of ways.
Gimmicks cybercriminals use to get you to click:
- “Your account or your payment information has been compromised.”
- “Please verify your personal information.”
- “Click on this link to make a payment or to log into your account.”
- “You are eligible to win a free trip/coupon/prize!”
- “Eviction notice” (or other warnings that are intended to scare you into a hasty decision).
How to double-check before clicking anything
- Confirm that you actually have an account with this company or know the sender.
Hover your mouse over any links contained in the email. The true path for the URLs will be shown at the bottom of the window; if they look unfamiliar or bizarre, don’t click them. Legitimate messages often don’t contain major spelling mistakes or grammar errors. If your email has a glaring error or two, do not trust it. Is the greeting generic, such as a simple “Hello” or “Valued customer” instead of using your actual name? If so, it could be a suspicious email. Fake email messages are sometimes urgent, warning you to act now to fix a problem you didn’t know you had. That immediate action can wait a few minutes until you’ve checked if it is a legitimate message or not.
- Review the sender’s signature.
Is it as generic as the greeting was, leaving out crucial information such as the sender’s name or business? This is a red flag. Always remember that legitimate businesses will not ask for your personal information via email.
What to do when you get a suspicious email?
You’ve received a message and you are pretty sure it is a phishing email. What should you do now? Most importantly, you should not click on anything within the email. You can help take the malicious email out of circulation by forwarding the message to the Federal Trade Commission at [email protected], and also report the scam to the Anti-Phishing Working Group at [email protected]
These two entities will work to make sure similar messages do not get sent out again in the future. Now you can take steps to protect yourself from future phishing attacks. You might want to set up an email spam filter to keep suspicious emails from reaching your inbox in the first place. You should also enable security software on your computer and set it to update automatically to keep up with new security threats. And keep a back-up of your computer data on a separate hard drive, in case you ever do fall victim to a scam that compromises your files.
You’ve clicked on a phishing email — what next?
Now is not the time to panic. Close out of the email message and delete it. If you are worried that you’ve been compromised but still aren’t sure, call the actual company or person that this email claimed to be from. Make sure you use the real number for the sender, not one provided in the email. If the company or person verifies that they did not send the email, you can update your computer’s security software and run a scan.
Get professional help
If worse comes to worst, you may find out that your personal information has been stolen. But still, it’s not the end of your world. Find out how IDShield can help. IDShield is available 24/7 for emergency consultation. If you need further assistance, we will provide Licensed Private Investigators who will do whatever it takes for as long as it takes to restore your identity to its pre-theft status.
You can maintain your IDShield Membership even after the storm has blown over! IDShield provides security monitoring, dark web monitoring, social media monitoring, and more – all to ensure that your Personally Identifiable Information (PII) is in your hands and nobody else’s. You can rest easy knowing that you have committed, professional identity protection with IDShield.
IDShield is a product of Pre-Paid Legal Services, Inc. d/b/a LegalShield (“LegalShield”). LegalShield provides access to identity theft protection and restoration services. For complete terms, coverage and conditions, please see an identity theft plan. All Licensed Private Investigators are licensed in the state of Oklahoma. This is meant to provide general information and is not intended to provide legal advice, render an opinion, or provide any specific recommendations.