It is becoming more common for unsuspecting victims to willingly hand over their bank information, social security numbers, and other personal information to attackers using email. These emails can appear genuine and deceivingly credible unbeknown to the user that they are the target of a phishing email attack. All it would take is a simple click of the mouse button to a link within the email or open an attachment that infects their computers or mobile device, making the user vulnerable to an attack.

  • Be cautious of generic email greetings : If you are unsure who the message is from, do not respond and do not click on any links or attachments. If the message is from a company and you need to question the message, call the company directly.
  • Check hyperlinks : Avoid clicking on hyperlinks in messages, and hover over links to verify authenticity. Ensure that webpage URLs begin with “https.” The “s” indicates encryption is enabled to protect users’ information.
  • Carefully check the sender's email address : Sometimes the email address stated in the "From" field of an email can be a giveaway. If the email suggests that it is from your bank but the email address does not specify the banking name in the sender's email address, be cautious and contact the bank directly should you wish to question the email.
  • Be suspicious when asked to verify : Banking and financial institutions do not usually ask you to verify your security details in an email as this would pose a security risk. Therefore be cautious if you receive an email asking you to verify your password or other security details in the email. Always check with the company to verify if they sent you the email. Examples:

    We suspect an unauthorized transaction on your account. To ensure that your account is not compromised, please click the link below, and confirm your identity.

    During our regular verification of accounts, we couldn’t verify your information. Please click here to update and verify your information.

    Our records indicate that your account was overcharged. You must call us within 7 days to receive your refund.

  • Be suspicious of email links : Be suspicious if you receive an email that asks you to click on a link for any reason, for example, to verify your login details due to a system update, avoid clicking on the link.
  • Emails from persons you know : An attacker can send you an email that can appear to come from someone that you know. If you are asked to click on the link, verify with that person to see if they did send you an email with a link.