3 Tips to Ensure You Won’t Get Phished Via Email

I received an email this morning from the Better Business Bureau. It claimed that someone had opened a complaint about No-IP and listed a file with a description of the complaint for me to view. The only problem was that the email was totally bogus. Follow these tips to make sure you don’t get phished. (Click the image to view a larger version and to follow along)

1. Check out the From address on the email. It is from a Jonathan at southeasterncheese.com, that is definitely NOT an official Better Business Bureau email address.

2. The To: and CC: lines are another dead give away. Jonathan sent this email directly to one person, and cc’d over 90+ others!

3. The body of the email actually looks legitimate. The BBB logo is there and everything looks great! There is even a case # for to reference. Upon hovering over the ATTACHED REPORT link though, another phishing occurrence, the link does not go to the BBB official website, it goes to a medical records site.

So, next time you receive an email, look at it in depth before you click any links within it, or an even better practice is to not click links in emails and go directly to the official website. If you get an email that you suspect is a phish, report it to the company.  Also, check out this past blog post for more tips to safeguard yourself from being phished! Have you received any emails like this recently?

Go Phish! Top Tips on Protecting Yourself From Phishing

Phishing scams are everywhere and are growing at an astounding pace. According to Webopedia.com the definition of phishing is “the act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft.”

The most common form of phishing is an email that requests for you to verify, update or confirm something for an account. Oftentimes, the email is accompanied by an official logo of a company with all links contained in the email looking like they are from the official company.

The email will request for information like your login name, password or even your social security number.  Emails with such requests should never be taken seriously, companies and financial institutions would never request such information via email.

So, how do you distinguish an email from an illegitimate source from an email from a verified, official source?

1.Let’s face it, sometimes scammers aren’t the “brightest crayons in the box,” therefore spelling and grammar errors often occur in phishing emails.

2. If an email asks for usernames, passwords or other sensitive information, chances are, the email is phishing.  Companies will never ask for sensitive information like this via email.

3. Check the links in the email. Scroll your mouse pointer of the links in the emails, but be careful not to click them.  Notice in the bottom gray bar of your browser that it will have a link.  This link is where the link will actually go to.  Just because the link says www.ourcompany.com does NOT mean it will be directed there.  You can also do the same thing for images that act like links, again, just be careful not to click on the before you know if the email is phishing or not. No matter how legit links look, ALWAYS type the link directly into your web browser.

4. After typing the link into your browser, if the page that requests for you to log in or enter other sensitive information, be sure that the page is a secure page.  You can verify this by confirming that the address in the address bar has an https, not just http.

In the unfortunate case that you happen to fall victim to a phishing scam and have given away your sensitive information, notify the companies that you have the accounts with ASAP. Also, even if you do not fall victim to a phishing email, contact the company immediately and let them know that you have received a fraudulent email.  Many companies have areas on their website where you can submit the claim to, or an email address that you can forward the email to.

No-IP Managed Mail offers superb protection against spam and phishing attempts with our acclaimed spam engine and extensive RBL lists. We even have our No-IP Anti-SPAM ECR which takes your spam protection one step further by requiring unauthorized senders of email to respond to an authorization email.

Questions or comments about phishing? Leave them below!