How to check if an email is legitimate
It was not that long ago that spotting a fake email was as easy as looking for misspellings and grammatical mistakes. Those telltale signs were enough to tip off even the casual user, and the success rate of these early phishing attempts was relatively low.
Things have changed dramatically, and the bad guys have become better at what they do. These days spotting a fake email is not always easy, and falling for the ruse can be damaging to your computer – and your finances.
Previously hackers tried to destroy the data on your hard drive, but now their goal is far more nefarious. If you click an infected link or enter your password into a fake site, you could be handing the keys to your identity and your financial life over to a hacker.
So what do you do if you receive a legitimate looking email, one that purports to be from your bank or other institution? How can you tell if the warning message is real, and you really need to update your login credentials or take steps to safeguard your account?
Here are some things you should do right away if you receive one of these emails.
Go Directly to the Website
If you receive an email that claims to be from PayPal, Facebook, your bank or any other business where you have an account, start by going directly to the source. Instead of clicking links within the email, which could harbor harmful malware or key logging programs, open up a new browser window and type the address of the company or financial institution.
Log on to your account using the credentials you previously set up. If there is a problem with your account, you should see a warning message right there. If you do not see anything, you can be fairly certain the email is a fake.
Telephone the Company
You can also verify the legitimacy, or illegitimacy, of the email by contacting the company directly. Be sure you look up the actual phone number from your bank statement or other legitimate source – do not call the phone number listed within the email, as it could be a fake.
When you contact the company by phone, ask to be directed to their fraud or security department. Let the person you talk to know about the email and ask them to check your account. If there is really a problem, the representative will be able to give you the relevant information. If the message is a fake, you can notify the security department of the phishing attempt.
Verify the Links
Phishing emails often use infected links to spread malware and log keystrokes, but you can protect yourself by not clicking them. Before you click on any embedded link, no matter how legitimate the email appears, take a few minutes to verify its authenticity.
Start by hovering your cursor over the link in question – you should see a URL appear. If the URL address does not match the purported sender, you can be fairly certain you are looking at a phishing attempt.
If the URL does not appear, you can copy the link and paste it into a text editor. Once again, if the web address and sender do not match, you can be fairly sure the email is a scam.
Scan Your Computer
You can never be too careful, and the very existence of a phishing email should always be cause for concern. Even if you did not fall for the scam, it never hurts to scan your computer and make sure it is clean.
You should ensure that you have paid security protection in place. Free protection does not offer the full benefits. We recommend AVG. If your computer is an Apple Mac we recommend Kaspersky for Mac.
AVG Internet Security £14.99
Fire up your security software or malware scanning program and run a full scan on your computer. Look for any problems and make sure your security software is up to date. While you are at it, make sure you have daily updates and scans turned on and review the results of any recent scans.
It is no longer so easy to spot a phishing attack, and even experienced users have been fooled. No matter how wary you are, it is easy for one of these emails to slip through the cracks, and knowing how to protect yourself can mean the difference between a compromised computer and a secure online life. Remember to always think before you click, then follow the steps outlined above.