Have you ever gotten an e-mail from a reputable company advising you of some “issue” with your account and you weren’t sure if it was legitimate or not? I’ve gotten some lately from “Amazon” and “PayPal”. I quickly looked them over but wasn’t sure if they were legitimate or not. However, upon closer scrutiny and a little research, I determined both were fake. If you find yourself in the same boat, here are some things to look for:
1. Do you have an account with the company you received the e-mail from? If not, they’re probably phishing.
2. Check to see what address the e-mail came to. That’s very telling for me because I have two e-mails that are linked. I use one of the e-mail addresses for most of my business and the other is used rarely. All of those phishing e-mails come to the e-mail I don’t use. So in that case, I know it’s not legitimate.
3. Look for a logo and be sure it’s correct. Every single legitimate Amazon e-mail I’ve received had a logo but the fake Amazon e-mail didn’t.
4. Look at the company name to be sure it’s correct. On the PayPal e-mail, in one paragraph Pay Pal was two separate words but in the next paragraph PayPal was just one word. The real PayPal wouldn’t make a mistake like that.
5. Look for grammar and spelling mistakes. I think I’ve found examples of both in every fake e-mail I’ve gotten. Legitimate e-mails rarely have those kinds of mistakes.
6. If you have a past e-mail from the company, compare the suspicious e-mail with one you know is legitimate. With the fake Amazon e-mail, the style and type were completely different. It was a dead giveaway once I compared the two.
7. Is the action described in the e-mail something that could be true? In the fake Amazon e-mail, it referenced an order I had cancelled. I knew I hadn’t cancelled an order and the item cancelled wasn’t something I would have purchased. My daughter-in-law and I have linked accounts so I checked with her and she didn’t know anything about it either. So I assumed it wasn’t a legitimate e-mail but kept my eyes open to be sure nothing more was going on.
8. Do your research. With the Amazon cancellation e-mail, I went into my Amazon account and checked to see if I could find a paper trail for the action described in the fake e-mail. Nothing. That confirmed that the e-mail was fake and that they hadn’t messed with my account.
9. Contact the company and let them know you’ve received the fake e-mail. I did that with Amazon and asked if the e-mail was legitimate or not but I never heard back. However, they did have a section on the website about phishing and their policies. Sometimes that helps you know whether the e-mail is legitimate or not.
10. Never click on any of the information in the e-mail. It might not hurt anything if you do but you don’t want to take a chance. Bad things can happen when you click on information from people trying to mess up your life.
So the next time you get a suspicious e-mail, run through this list to figure out whether it’s legitimate or not. I don’t know about you, but it always unsettles me a little to get those e-mails – just in case they are legitimate and I’ve ignored them and because if they’re not, someone is trying to mess up my life! So figuring out for sure that they’re fakes and that my account is fine helps me rest a little easier.
This post is linked up with the Weekend Bloggy Reading Link Up at SerenityNowBlog.com.
There is a website called millersmiles.co.uk which has an archive of phishing scams and spoof emails. It claims that this is the largest collection in the world. If anyone receives a fake email, they are invited to send a copy to millersmiles for their library. it is useful to have a look and see the sort of emails that are sent, so we can be on our guard.
I had never heard of that site before. It’s got a LOT of stuff! Thank you for sharing. I saw at least two things on there that I’ve actually received.