In 2021, phishing scams were the most commonly reported cybercrimes in the United States. Phishing is luring someone to click a link that installs harmful software or encourages a user to enter personal information for thieves to steal. Often, phishing scams involve email. The good news is that you don't have to avoid using email to protect yourself from scams. Following these tips can help you use email more safely.
Before you click a link, forward a message or reply to one, read it carefully. Does the message seem to be from the person, company or organization it claims to be? Scammers may not be able to copy the usual tone and format of the person they're impersonating. For example, if you receive an email from a relative and the message is filled with emojis that they don't normally use, their email might have been hacked.
Emails from companies and organizations are usually proofread carefully. Occasionally you might see a typo, but it's not normal for a legitimate professional email to have many misspellings or grammatical errors. In some cases, scammers may even spell the name of the company or organization wrong or not get the name entirely correct.
Also, look at any logos included in the email. Do they match the official logos of the company?
Some scammers will try to imitate government organizations, but most won't send you emails. For example, the Social Security Administration (SSA) and the Internal Revenue Service (IRS) don't send emails to make initial contact about issues or problems. In most cases, they send notices and letters via U.S. mail. The SSA may follow up with you via email if you've already contacted it, and it will send you a reminder to check your Social Security statement only if you sign up for email notifications.
If you provide your email address to a bank, an insurance company or an investment company, ask how they'll contact you if there's a problem with your account. Will you get an email, or would they only ever call or write? Knowing ahead of time can help you spot scams more quickly.
If you have any doubt that an email is authentic, don't click the link. If an email asks you to click a link to log into an account to make a payment or correct an issue, close the email and instead navigate to the official website for the company or organization. Log in there and look to see if you need to take action.
Sometimes, scammers will try to spread viruses and malware by hiding them in content you might want to share like an email with funny jokes, heartwarming stories or amusing photos and videos. The email might encourage you to forward the message to your friends and have a link that invites you to get more content. If you click that link, you might download harmful software or be taken to a harmful site. In general, it's best not to forward chain emails, particularly if they started from a sender you don't know.
If you get an email that notifies you of a delivery you're not expecting, a purchase you didn't make or an account you don't remember opening, record the name of the company that supposedly sent it. Delete the email and then use Google or another search engine to look up the company. You may find it's not even real. If it is, get the customer service phone number and call to find out if the message was genuine.
If you do click a bad link, antivirus software could help protect your computer from harmful software. Normally, you subscribe to antivirus software. Once you sign up, you may pay monthly or annually to keep the service. From time to time, you may receive notifications that your antivirus software needs to be updated. Always accept the request to update to ensure you're shielded from the latest cyber-threats.
Even if you know the person or organization that messaged you is who they claim, don't send personal information via email, as it's not a secure method of communication. Examples of things you shouldn't send via email include your Social Security number, credit card or account numbers and usernames and passwords for websites.
If you get a strange email or someone says they got an email from you that you didn't send, change your password immediately. Use something that's hard to guess and includes a mix of capital and lowercase letters, numbers and special characters.
Don't save your password in a file on your computer or your mobile device. If you need to write it down, keep it in a lockbox or a locking filing cabinet. Change your email password every few months, and always choose a unique password that you don't use for any other account.
If you're uncertain about an email, don't be afraid to ask for help. Sometimes, another person can spot warning signs that you might miss. Talk to a friend or family member about the email before you take any action. Residents of LifeStream at Glendale independent living community in Glendale, AZ, can even show the email to a staff member.
