5 things you need to know about how to spot phishing emails right now
- Check the sender's email address carefully: Scammers often use addresses that look similar to legitimate ones, like "support@amaz0n.com" instead of "support@amazon.com." Hover over the name to reveal the true email address before clicking anything.
- Look for urgent or threatening language: Phishing emails often try to create panic, claiming your account is compromised, your payment has failed, or you need to act immediately. Legitimate companies rarely demand urgent action via email without prior notice.
- Examine links without clicking: Hover your mouse over any links in the email to preview the destination URL. If the link looks suspicious—like a misspelled domain, extra numbers, or a strange extension—do not click. Instead, type the official website address directly into your browser.
- Beware of unexpected attachments or requests for personal info: Never open attachments from unknown senders, and never provide sensitive data like passwords, credit card numbers, or Social Security numbers in response to an email. Reputable organizations will not ask for this via email.
- Spot poor grammar and generic greetings: Professional companies use proper spelling, grammar, and personalized greetings like "Dear John." Phishing emails often contain errors or start with "Dear Customer" or "Dear User," indicating a mass scam attempt.