How to spot email “phishing”

Phishing emails attempt to gather personal information such as passwords, account information or credit card numbers. The emails appear to be from a legitimate source – your bank, internet or email provider for example. They are often designed to mimic the appearance of a legitimate business including company email addresses and logos. But with a closer look, you can often spot phishing emails from some of the characteristics which I list below.

In any email that you receive, you should never click on a link that you are not 100% sure that the email came from the identified sender – and you know and trust that sender. If in doubt, contact them by typing their website address into your web browser and look for contact information on their website. No legitimate company would ask for a password or financial information via an unsolicited email or phone call.

Phishing email

In the example above there are several characteristics that identify that the email is a phishing attempt:

• Grammar – note the sentence “Please you are to fill in the below informations to validate…”
• A legitimate company already has your password
• When hovering over the “From” address, it displays “web_upgrade2dsk@…”. Most legit e-mail is from addresses that begin with info@… or customerservice@… – though an email address is easy for hackers to forge.
• Addressed to “undisclosed recipients” and “account owner”. A legit company would send it to your email address and know your name.
• A scare tactic – “Failure to follow this process … result in loss of important information”.

AOL Phishing email

In the above example from “AOL” above, what characteristics do you see that it is a phishing email?

More information:

How to recognize phishing email messages, links, or phone calls – Microsoft

Consumer Advice: How to avoid phishing scams – Antiphishing.org