Phishing scams can be dangerous for you and your online accounts. Your email provider, like Google, works very hard to ensure that its email clients are safe from phishing scams. However, that just means that when a phishing scam does get through it is especially deceptive.
What is phishing?
Phishing scams are emails, texts, or phone calls that try to trick you into clicking a link, revealing confidential information, or downloading a virus. These scams are usually easy to spot for a number of reasons, but, sometimes, they are incredibly difficult to spot leaving you vulnerable.
[bctt tweet=”The best way to protect yourself from phishing is to learn how to spot it. #phishing #goobertips” username=”Techno_Goober”]
How do I prevent phishing?
Well, there’s not actually anything you can do to prevent phishing emails from landing in your inbox. There are some very fancy and relatively expensive security firewalls or filters you can install on your email, but that still won’t stop everything.
How do I protect myself then?
The best way to protect yourself from phishing is to learn how to spot it. If you can know what an untrustworthy email looks like, then you are less likely to fall victim to their tricks.
[bctt tweet=”The best way to protect yourself from phishing is to learn how to spot it. #phishing” username=”Techno_Goober”]
To spot a phishing email, look for 4 things:
- Email address
- Your name or a greeting
- Grammar and syntax
Spot a Phishing Scam
Recently, Gmail was the target of a series of phishing scams. I received this email as a result of those phishing scams. To help you understand how to analyze an email for phishing red flags, consider my example below. (Hint: click the photo to enlarge it for easier viewing)
A user would receive an email from a fake address with a picture stolen from your contacts, but the address wasn’t the same. That’s your first hint. Double check the email address for accuracy.
You can’t trust an email just because you think you know who it is coming from. Scammers are smart. They will do anything to make your think that an email is coming from someone you know or should know when it’s not. In the example above, I recognized almost immediately that “mail.com” is not a real email address. For the sake of example, say you don’t notice the fake email address, and you open it. What next?
When you open the email, it may seem relatively harmless. It may be worded strangely or seem slightly off. Check the address. Does it say your name at the top? Is it completely obvious that the person who sent this email knows who you are? In the example above, the email was addressed to “Sheri,” but not until later in the email. There was no greeting at the top.
Lack of a greeting is often a very good hint that the email is fake. Anyone else emailing you would say good morning or hello at the top with your name. Be cautious of emails that don’t know your name.
Grammar and Syntax
Grammar, syntax, and logic are ultimately the best giveaways of a fake email. Scammers rarely take the time to double check their grammar in an email. They have so many lies running in one email that the logic gets lost too. If it takes several tries to read an email and you still have no idea what it’s trying to say, it’s probably a scam. Logic is your best defense against scammers.
In the email example above, there doesn’t seem to be a connection between a family-oriented person and a link advertising city rentals.
Double Check the URL
Often, there will be a link or an attachment in a phishing email. When you click on that link, you will be asked to login to your Gmail account again. DON’T ENTER YOUR PASSWORD! The login screen may look trustworthy. It may even look almost identical to the page you expected. Check the URL though. Is that really the site you thought it was?
If you put your login information in, it may say error and return you to your email. That error was actually a virus infecting your computer and phishers stealing your password and information. If you click the attachment, it may infect your computer faster.
In the example above, the URL started with http:// which is not trustworthy. Look for https:// instead. Also, what does city rentals have to do with badboyz? That URL does not look real.
What do I do if I don’t spot the signs?
If you fall victim to this scam, CHANGE YOUR PASSWORD IMMEDIATELY. Also, change the password for any account that has the same or similar password. They have access to any account using that email and password. This is why Techno Goober recommends that you use a unique password for every account. Be cautious on the web and always be on the lookout for phishing scams.
You can report Gmail phishing scams to Google by clicking the drop-down box next to reply, and selecting “Report Phishing.” Here’s an example and how to report it.