Clicking on links on trusted websites is fine, but beware when clicking on links in email, text, or social media messages – they could lead to harmful sites. Always hover over a link to check where it leads before clicking.
If you do click on the link, remember that scammers design legitimate looking websites to trick users into giving away their personal information. Check the URL (website address) in your browser. The company name in the URL should match what you expect exactly, and if the site asks for personal information it should begin with “https” indicating that it’s a secure site.
Phishing scams often begin by stealing your personal information. Be cautious of messages requesting sensitive data, such as passwords, Social Security numbers, addresses, or banking details. No legitimate company will ask for these through email, text, or social media.ext here
Messages and posts that pressure you to act quickly, claiming your account is at risk or services will be lost, are often scams. Scammers use urgency to trick you into rushing without verifying the details. If a message demands immediate action or threatens consequences, take a moment to review it carefully. Legitimate organizations, including government agencies, won't threaten you through email, text, or social media.
In our modern world, email addresses, social media handles, and phone numbers function as identification.
Scammers often create email addresses that look like legitimate businesses but include slight variations. Double-check the domain (the part after “@”) for small misspellings or extra characters. For example, a scam email might come from "[email protected]" instead of "[email protected]."
For social media, check the sender’s or poster’s page to verify their identity.
Phone numbers can be trickier, but you can do an internet search – generally a valid number for a business or government agency will turn up a legitimate website in the search results.
Scammers often use generic greetings like "Dear Customer" or "Dear User" rather than addressing you by name. Legitimate businesses where you have accounts usually have your personal information and will address you using you directly.
Ever seen knock-off designer shoes, clothes, or purses? Many scam emails try to imitate legitimate brands but often fail to match the company's official logo or branding style. Compare the email or website’s visuals to what you’ve seen from the company in the past. Any discrepancy could indicate a scam.
The same holds true for spelling and grammar. Legitimate companies generally have well-crafted communications. Scammers, on the other hand, often make spelling, punctuation, or grammatical mistakes. Poor writing is a common sign of a scam.
Scammers might send emails with attachments that contain malware or viruses. If you receive an unexpected attachment, especially from an unfamiliar sender, delete the email without opening the attachment.
If a message or post promises something that seems overly generous, like a prize or large sum of money, it’s likely a scam. Always question unsolicited offers, especially if you didn’t enter any contest or lottery.
Many email services and security software applications have built-in anti-phishing protections. Enable these features, and make sure your software is up to date. These tools can detect and block scam emails before they reach your inbox.
If something feels off about an email, message, or post, trust your instincts. Scammers rely on social engineering, playing on emotions like fear or greed. If you feel suspicious, it’s better to err on the side of caution.
Take a few lines of text from the message and search for it on the internet. Often you’ll find that other people have already verified that something is a scam or not.
If you’re still not sure, just go directly to the business’s or government agency’s official website. You should be able to address any issue that the message brought up by contacting the company directly. Even if it takes a little longer, it’s far better than risking becoming a victim of a phishing scam.