Many ‘phishing’ emails are cunning – aimed at fleecing you of your money, personal details, access to an online account, or simply to confirm that your email address is active (to be followed by a deluge of targeted spam emails). Unless you’ve been living on the moon, you will have received one.
I have been caught out, only once, with an email that told me someone influential wanted to connect on LinkedIn – I fell for it hook, line and sinker. I used the link in the email and found myself at a website I wasn’t expecting. Dang it, I thought, I’ve just confirmed that my. I consider myself experienced and savvy in these things, so why was I caught out?
Because phishing emails aim to do one of two things:
- To shock you into doing something out of fear of some form of penalty, like a closed account. PayPal and online banking brands are commonly used in these.
- To tempt you with an unexpected benefit. My example of LinkedIn is a good one – I thought I was invited to connect with some bigwig in a major corporation.
In both cases, an urgent opportunity/threat could be perceived, and victims throw caution to the wind.
There is a simple way to check that the action you’re about to take (clicking a link) is genuine, or not.
- If you’re reading an email on a desktop/laptop machine with a mouse, move your mouse over the link/button BUT DON’T CLICK IT. Instead, look at the full URL (website address) of the link. If the domain part (the first part) doesn’t look like the website you’re expecting to go to, then it could be a phishing scam.
- If you’re reading an email on a smartphone, you can achieve the same by holding down on a link (but don’t tap it) – this should reveal the full URL (website address) of the link. Once again, if the domain part (the first part) doesn’t look like the website you’re expecting to go to, it could be a phishing scam.
The most secure method of responding to emails from your bank or online service provider
The most secure method of all, regardless of what device you’re using, is to NOT USE THE LINK in the email at all, but instead open up a browser yourself and go to the website this email refers to directly.
Most websites that would have genuine reason to email you will also provide some form of message center, inbox or alert once you have logged in.
If there is no call to action when you log in, then the email is likely to be a phishing scam.