SUMMARY: Criminals make phishing emails look as realistic as possible so they can trick people into responding to their messages.No matter how much effort a criminal puts in, though, you can almost always find flaws that distinguish real emails from phishing attempts.
As you go through your messages, look for these four signs that could help you identify phishing emails. By catching the fraudulent emails, you can protect yourself from fraud, prevent malware from infecting your computer and stop criminals before they target other people.
Poor English That Feels Unnatural
Nearly all phishing attempts come from countries that don't speak English as their primary language. Not surprisingly, the people sending the emails only know small amounts of English. To a native speaker, the grammar and spelling can look atrocious.
If you find yourself startled by someone's poor grammar, spelling and word choices, then you have probably discovered a phishing email.
Personal and professional emails rarely have a sense of urgency. Your cousin doesn't need your wedding RSVP by the end of the day. Your business partner doesn't need to you to finalize a deal that you just started yesterday.
In the normal world, honest people give each other enough time to think about their replies. In the land of phishing emails, though, everything must happen immediately.
Criminals know that they have to pressure potential victims to send them money or download malicious software as soon as possible. The longer you have to think about it, the more likely it is that you will recognize the scam.
If someone pressures you to make a decision quickly, assume that it's a phishing email. Even if it's not a phishing scam, it's still an email from someone who wants to take advantage of you.
Offers That Are Too Good to Be True
Phishing emails often use amazing offers to attract victims. They may say that you've won a lottery in another country, have an inheritance from a wealthy, unknown relative, or just need to make a small investment to quintuple your money!
Sorry, but none of these events will happen to you. Emails that make such claims are scams.
Requests for Private Information
Plenty of criminals pretend that they're customer service representatives so they can trick people into giving them private information. For instance, an email "from your bank" might ask for your login information to verify your account.
No reputable company would ask you for private information over email. If you get an email asking for an account number, address, birth date or any other private data, do not respond to the message.
What Should You Do With Phishing Emails?
Now that you know how to identify phishing emails, you need to learn what to do with them. Most importantly, you should not open, respond to or download anything from the messages.
Most people don't take any action other than marking their emails as spam. You can do a lot more to protect yourself and others, though.
Start by reaching out to your email server. Google, for instance, has a team that reviews phishing attempts sent through Gmail. If you receive the email from your work account, contact your employer's IT department.
You should also contact the United States Computer Emergency Readiness Team to report the phishing scam. The government works with the Anti-Phishing Working Group to collect and research phishing emails. By taking this step, you could potentially shut down scammers operating all over the world.