Phishing is a highly-effective cyberattack, which has led hackers to use it more and more over the last few years. Learn how to recognize common phishing emails so you can avoid them at all costs.
What is Phishing?
In case you’re unaware, phishing is when a hacker disguises a communication so that it looks legitimate or alarming in order to get unsuspecting victims to hand over sensitive information or download malware.
It can also happen over the phone, through physical mail and more, but we’re going to focus on phishing emails here.
7 of the Most Common Phishing Emails
1. Government Threats
There are a number of fake government threats that phishers use to disguise their malware emails. These include claims that you’ll be fined for various violations, notices that your internet access will be revoked because you viewed illegal websites and more.
Getting a warning that appears to be from the government can be downright terrifying, even if you know it’s a mistake. That quick jab of panic often causes victims to act irrationally and fall for the scam.
Remember, government organizations will almost never send this type of communication via email. It almost always comes in the physical mail.
2. Boss/Coworker Disguise
There are cases in which a hacker gains access to someone’s company email account, then uses that access to obtain further sensitive information from other people.
We highly recommend that you follow-up in person if you receive a suspicious request from a boss or coworker. You don’t have to be paranoid every time you’re asked for something, but do your due diligence if something seems fishy (or phish-y. Bad pun, sorry).
3. Billing Issues
This one consists of an email that tells you there was an issue with something you purchased. Usually, it’s something along the lines of an incorrect shipping address or credit card number. It provides a link, where you’re taken to a fake (yet often legitimate-looking) website, where you’re asked to re-enter your credit card information.
Obviously, sometimes you’ll receive phishing emails like this for things you didn’t even buy, which you can safely ignore. Other times, they might get you. Always double-check the URL of a website before you enter any personal information.
4. Malware/Compromised Account Scare
These emails just tell you straight up that your computer already has malware or that one of your accounts has been compromised. Once again, the hackers are trying to get you to act rashly by sending a threatening message that might make you panic, even if it’s only for a moment.
Here’s what to do in each situation:
- If you get an email that says your computer has been hacked: disregard it, unless it’s from your cyber security provider. In this case, don’t click any links in the email and call them directly.
- If you get an email that says one of your accounts has been compromised: don’t click any links in the email. Instead, open your internet browser and go to the website of the supposedly hacked account. Try to login from there.
5. Banking Notice
Most banks send email notifications for issues such as large withdrawals, suspicious activity and overdrafts.
To be safe, we recommend that you still don’t click links in these emails, and definitely don’t reply to them with any personal information. Instead, call your bank or open your internet browser and log into your account from there to check the validity of the notification.
6. Tax Scams
This scam ramps up big time during tax season. The phishing message states that you’re eligible to receive a refund, that you’ve been selected to be audited or that you’ve violated a tax law and are being fined.
It will then either send you to a fake website or ask you to reply to the email with sensitive information. Either way, ignore these emails. The IRS doesn’t email people these types of communications.
7. Fake Invoice
Last on this list of phishing emails is the fake invoice. It involves an email that notifies you that your account (it’s often vague) has been billed for a large sum of money and that an invoice is attached. In a panic, you open the attachment, which infects your computer with malware.
Do not click attachments in emails that are even remotely suspicious, especially if the source doesn’t appear to be a legitimate organization. If it appears to be legitimate, call or follow up by email manually.
These certainly aren’t the only phishing emails in existence, but they’re some of the most common. As a general rule, do not engage with any suspicious emails you receive.