The most prevalent type of cybercrime in the United States, phishing attacks see cybercriminals send fraudulent emails purporting to be from reputable businesses or organizations, all in an effort to trick recipients into providing their personal or financial details. And according to the FBI’s Internet Crime Complaint Center, these digitally executed schemes cost American consumers more than $18 million of their own funds in 2023.
But by knowing how to spot a phishing email, how to report a phishing email and how to stay safe online more generally, consumers can protect themselves — and others — from falling victim to these fraudulent ploys. Read on to learn about some of the ways to identify phishing emails, what to do when you receive them, and other ways to steer clear of fraudsters with your online activities and email communications.
- Be careful with every email received — By always being on your toes and treating every email in your inbox as a potential threat, you can take substantial strides toward protecting yourself against online scams. Phishing emails can often look quite convincing, from the sender name and company logos to the official-sounding language used and the lookalike web addresses employed. But by always being on the lookout for things like online banking scams, for example, you can reduce your chances of falling victim to fraud. If you see, for instance, emailed requests for your username, password or other account information, you should think to yourself, “Banks never ask that via email.” Anytime you have this feeling, there’s a good chance the email that you’re reviewing is not legitimate.
- Be especially leery of links — A common practice in phishing emails is to ask you to click on a link to make a payment or “verify” your login credentials. Consider this a big red flag. While the web address provided may appear to be a legitimate one, the link will often direct you to a fraudulent website created to collect your sensitive personal or financial information. To check the actual destination of a link embedded in your email, hover your cursor over the linked words or web address without clicking it, which will cause the link’s actual destination URL to appear on your device’s screen. Even better, when looking to check on and resolve any potential issues, it’s a good practice to contact the business or organization directly via an official phone number or email address rather than clicking through on any emailed or texted links. That way you’ll know you’re actually dealing with the legitimate business or organization as opposed to a scammer.
- … and unexpected attachments — Another common phishing tactic is to send an email attachment such as a PDF file that the email claims is an important document — but is actually a malicious file in disguise. These attachments will often be computer viruses or malware designed to cause problems with your devices or monitor your online activities, thereby enabling scammers to glean your personal information or login details. Businesses such as banks will never send such attachments without making you aware they’re coming or without you requesting them, so it’s wise to avoid downloading unexpected attachments and/or to contact the business to confirm legitimacy before ever downloading them.
- Keep your devices secured and up to date — Computer and software makers frequently provide updates to and patches for their operating systems, applications, etc. This is often done in an effort to address any security vulnerabilities they may discover or to otherwise stay ahead of cybercriminals’ evolving tactics. So, by keeping your devices, operating systems, and applications up to date with the latest patches and updates, you can better protect yourself against unwanted intrusions by cybercriminals.
- Look for typos and poor grammar — Legitimate businesses and organizations typically go to great lengths to maintain a professional image with their communications. Cybercriminals, on the other hand, tend to be much less attentive to quality assurance with their phishing emails. As a result, typos and poor grammar often serve as strong signs that an emailed message is not legitimate. If you spot an error, it should set off alarm bells for you and give a good indication that the email is fake.
- Be suspicious of scare tactics — Scammers often employ high-pressure language and/or a sense of urgency to compel their victims to provide the sensitive information they are seeking. Legitimate businesses and organizations, on the other hand, rarely use these kinds of manipulative tactics. If you receive an email demanding immediate action, threatening undesirable consequences, and/or putting you in a stressful situation otherwise, consider it a red flag that the mail may not be legitimate — especially if it asks for personal information such as your login details, your Social Security number or your account information.
- Report sketchy emails — Many businesses and organizations provide a dedicated email address specifically for reporting phishing emails. And by contacting the business or organization to get this email address or by searching for it online, you can report suspicious emails (and help ensure the cybercriminals are tracked down and stopped) by simply forwarding them to the dedicated address. Otherwise, suspected phishing emails can be reported to the FBI’s Internet Crime Complaint Center, the United States’ central hub for reporting cybercrime.
- Follow cybersecurity best practices — In general, by following some best practices with your email communications and online activities, you can protect yourself from falling victim to cybercriminals. For more helpful information on some of the leading best practices, check out the Arthur State Bank blog articles “7 Simple and Effective Ways to Protect Yourself From Cybercrime,” “8 Ways to Protect Yourself Against ID Theft” and “9 Tips, Tricks and Tools for Safer Online Banking.”
Proudly serving South Carolina since 1933, Arthur State Bank offers accounts and services to meet a variety of financial needs. To help you achieve all your financial goals, the bank offers in-person service as well as a range of convenient digital solutions. To learn how Arthur State Bank can help you with banking needs ranging from checking and savings to retirement accounts, mortgages, other personal loans, and more, visit arthurstatebank.com.