We’ve all received those emails telling you that you’ve won a fortune, all you need to do is provide some personal information and pay a small fee. Of course, it’s an obvious scam, but studies have shown that most of us are overconfident in our ability to detect phishing scams.
The fact is, almost every phishing attack starts with a seemingly innocuous email, and hackers today are becoming even more sophisticated making them harder to detect… and the consequences more dangerous.
Here are 10 types of phishing emails to watch out for in the coming year.
- COVID-19 Info Scams – Watch for email subject lines offering registration services, or promoting vaccine requirements or cures.
- Unexpected Attachments – This is a typical type of phishing attack. NEVER open an attachment you were not expecting, even if it appears to be from someone you know.
- Inconsistent URLs – If a web address in your email is different when you hover over the link, it’s likely an attempt to breach your system.
- Action Needed Scams – If you receive an email claiming that you need to update your information or password, it’s a classic attempt to get personal information. Legitimate institutions will never request login or personal information via email.
- Poor Grammar and Misspellings – If an email is riddled with obvious misspellings or poor grammar it’s a red flag. It’s probably a phishing scam.
- Something is “Off” – If you regularly receive emails from a certain company, and one suddenly looks different, be careful it could be a phishing scam.
- W2 Requests – This one comes around tax time. These emails often look like they come from your HR department or high-level management.
- An Email from the CEO – Hackers have become masterful at researching and impersonating high-level personnel. Never release information or funds without verbal or written verification.
- You WON!! – If you didn’t enter a contest, you probably didn’t win!
- Urgent Action Required… – When a random email arrives requesting immediate action, it’s often a sign something is up. Check by logging into your account from a different browser.
Educate your team on the signs of a phishing scam. If you receive an email that looks suspicious, don’t open it! Delete it immediately. Never click on or download unidentified attachments, don’t reply to the email, and notify your IT team immediately.