It's important that you're aware of these signs and are watching out for them in all your online activity. If you encounter these signs, here's a few things to do:
- Don't ignore them.
- Never click on suspicious links or respond to scam emails.
- If you're unsure of something, go to the source directly. For example, if an email says you've missed a payment on your Netflix account, call the phone number on Netflix's official website to check.
- Report scams to involved companies that allow you to do so.
- Take an extra five minutes to verify something is legitimate. It takes less time than recovering stolen data or fixing a virus-infected device.
Scam email #1: Contest winner
Long description - Scam email #1: Contest winner
A fake email that contains different signs of phishing. One points to a suspicious email address that reads iphone@jyjsk.jhssshs.com. Two points to the recipient's email address name, mike211, and the same email name being used the start of the congratulatory message. Three points to a vague time period the user had apparently completed a survey. Four points to typos across the message with subtle spelling mistakes. Five points to text that is pressuring you to respond quickly.-
Sent from a strange email address (in this example, iphone@jyjsk.jhsssjs.com).
-
Refers to you by your email, not your name (in this example, Mike 221).
-
Makes vague references, no specifics mentioned (in this example, "a survey you completed a time ago").
-
Has obvious typos and misspellings (in this example "withing" instead of "within", "ones" instead of "once", and "thanks you" instead of "thank you").
-
Pressures you to respond with more info (in this example, says "your prize will go to another participant").
Scam email #2: Payment info
Long description - Scam email #2: Payment info
A fake email from "Netflix" that contains different signs of phishing. One points to a suspicious email address that looks like it's from Netflix, but with many numbers attached. Two points to strong wording in the subject, and bolded text stating there was a refused payment. Three points to a suspicious Netflix logo. Four points to a friendly tone used throughout the email. Five points to text pressuring you to take action within 24-48 hours. Six points to a link disguised as an official button to update the payment.-
Sent from an email address that looks a little funny but still contains a familiar word (netflix3456453435456433@netfIix.com). If you look closely the L in the email domain is actually a capital "I".
-
Uses strong wording and bold lettering to make it seem urgent and important (in this example, subject "Account payments" is in all caps, and "payment declined" is in bold).
-
Colour of the logo is slightly lighter and pixelated.
-
Uses a very friendly tone (in this example, greets you with "hi", uses words like "unfortunately", "please", and signs off "from your friends at Netflix").
-
Presses you to respond within a certain time (in this example, 24-48 hours).
-
Presents links disguised as an official looking button (in this example, "update payment").
Scam email #3: Order misplaced
Long description - Scam email #3: Order misplaced
A fake email that contains different signs of phishing. One points to an Amazon logo. Two points a spoofed Amazon email address with a large amount of numbers and an unusual character. Three points to a prompt telling the user an action is needed for their account. Four points text with an apologetic tone within the email. Five points to an amazon gift card, offered as an apology. Six points to a seemingly legitimate email sign off.-
Uses the official company logo as the header to trick you into not looking too closely at the message.
-
Uses a spoofed email address (Amazon13131213@Amαzon.ca). It looks legitimate but has a subtle but different character - α - inserted in the email domain.
-
Pushing you to take action (in this example, "All we need is for you to click on the button and fill out your information").
-
Uses a friendly or apologetic tone to make it seem like they want to help you (in this example, saying "Sorry" and "Don't worry").
-
Offers you a prize for cooperating (in this example, offering an "Amazon gift card").
-
Uses a professional signature to seem legitimate (in this example, "Amazon recovery team").