/ /  The Complete Guide on How To Spot Phishing Scams

How To Spot Phishing Scams (+ Examples!)

Learn what phishing scams are and how someone might try to steal your information. Find examples of suspicious activities you should keep an eye out for. 

Deloitte, a financial and risk advisor provider, says that an overwhelming 91% of all cyber attacks begin with a phishing email. That means it’s more important than ever to familiarize yourself with these malicious emails and how they work. 

This article is a great place to start. Keep reading to learn more about the most common types of phishing scams and the signs you should watch out for to protect your most important information from them. 

How Do Phishing Scams Work?

Phishing scams use a variety of tricks to get you to divulge sensitive information.

For example, a hacker might send you an email that looks like it came from your bank with a request to log into your account. If you click the link, you could be taken to a site that looks like your bank’s website but actually gives the hacker the information you enter. When you try to log in on the imitation site, those credentials get passed to the attacker and they can use them to try to access your account.

Cybercriminals use phishing attempts to try to get many different types of information. They can target your login credentials, Social Security number, and any other details you wouldn’t want others to know. These attackers may even try to trick you into sending money to them.

Types of Phishing Attacks You Should Be Aware Of

There are many different ways cybercriminals may use phishing to target unsuspecting victims with online scams. Here are some examples of common phishing scams you should be aware of:

Email phishing: An attacker sends a generic email that appears to come from a legitimate organization, but actually redirects to fake websites they’ve made.

Spear phishing attack: The attacker uses personal information they already have to send a more detailed phishing message to you specifically, which can help the email appear more legitimate than standard email phishing scams.

Whaling: Like spear phishing scams but it’s even more personalized and often targeted to a high-level member of an organization, such as a CEO.

Smishing: Describes a phishing attack that takes place via SMS message (hence the name) instead of through email. These text phishing scams are largely the same as email attacks otherwise.

Search engine phishing: An attacker creates content that ranks at the top of search engine pages to trick you into clicking malicious links during a regular Google search.

6 Examples of Suspicious Activities To Keep an Eye On

Regardless of how personalized a phishing scheme is or the medium it takes place on, there are some common elements among most attacks that are worth familiarizing yourself with. The traits in these phishing scam examples can sometimes have legitimate reasons, but paying closer attention to the following can help you prevent phishing scams from impacting your life.

Dodgy Email Addresses 

Phishing attacks try to appear as legitimate as possible. Part of that is sending the email threat from an address that looks like it belongs to an actual organization.  

Hackers use a variety of tricks to make a scammer email address appear real. For example, they may replace a letter with one or more that look similar, such as replacing an “m” in an email address with an “rn”.  They may also send a phishing email from a domain name that looks like it belongs to a website but doesn’t actually. For example, “[email protected]” instead of “[email protected]”. A scam email account like this can be difficult to spot if you aren’t already on the alert.  

Overly Generic Greetings 

Standard phishing attacks are often mass emails that target thousands of people at once. Because of this, they often use generic greetings that can apply to anyone at any time of day. For example, your email may begin with “To Whom It May Concern” or “Good Afternoon or Evening”. There are legitimate reasons to use greetings like these, but if you notice one, it could make sense to take a closer look at the rest of the message for other signs of phishing emails before engaging with it. 

Grammar and Spelling Errors 

Cybercriminals can target you from anywhere in the world and often don’t speak English at a native level. This can lead them to make grammar and spelling errors that just don’t sound right to a native ear. For example, they may start an email with “Hello Sir or Madam” or say something like “Greetings to you dear”. These kinds of strange phrases and the spelling errors that may accompany them are often signs that the email you’re reading is not what it seems. 

Unusual Requests for Personal Information 

You should also pay attention to requests for personal information that seem to come out of nowhere. For example, if your boss emails one day asking for your Social Security number out of the blue, that’s a sign you may be the target of a phishing attack and should engage with the rest of the email carefully. 

  

Exacerbated Sense of Urgency 

Phishing attacks often use a sense of urgency to try to get you to provide the information requested without thinking critically. They may cite an unexplained emergency and ask for your credit card details or pretend someone is hacking one of your accounts to get you to log in faster. When you feel like you urgently need to do something after reading a suspicious email, take a breath before acting and look at the details a little closer. If the message is, in fact, a phishing attempt, you should be able to find other signs of it somewhere in the email. 

  

Suspicious Pop-Ups 

Finally, be on the lookout for suspicious pop-ups. These can be used to get you to input your login details into a shady website. For example, a pop-up may be an exact replication of the login page for your bank. But if you were to actually input your credentials, they would be sent to a hacker. Double-check the address of the site in these situations to verify you’re in the right place before divulging your private information. 

Rely on a Secure Community Bank for Information and Protection

Anyone can be the target of a phishing attack, which is why it’s important to keep yourself informed. But you’re not alone in this if you have a financial institution you can trust. 

Fidelity Bank can help you stay protected from identity theft, fake emails, and malicious code with powerful security features and helpful information about everything from protecting your older friends or family members from targeted scams to avoiding common scams yourself. 

So why wait? Book an appointment with us today to learn more about how we can help you stay safe from cybercriminals. 

eq fdic dif logos
Credit Card Attack PlanRomance Scams: Protecting Your Heart and Wallet