How to look out for Suspicious Emails
People accidentally click links in malicious emails. Everyone should be very careful with reading email. Do not click on a link or an attachment unless you are absolutely sure it is safe to do so. If you do not recognize the sender and if what they are sending is out of the ordinary, NO NOT CLICK on anything in the email.
Scam emails, also known as phishing emails, often feature legitimate company logos, return addresses, and even 1-800 phone numbers. They often use scare tactics to get people to provide their information.
Here are some things to look out for in your email. They follow the initials of a handy little acronym, SCAMD!.
S – Spelling and grammar. This is usually the first and best tip-off that something’s bogus. If you’re looking at an email with multiple spelling or grammar errors, it’s probably a scam.
C – Confidential information. No legitimate company will email you requesting personal information such as passwords, social security numbers, or any private information. If you have any suspicions about the email, don't click any links. Instead, if you know the sender, call them – immediately. If you do not know the sender, go to the website of the company that looks to have sent you the email, and use the “Contact Us” link to find the company’s phone number and call them. Don’t use the phone number provided in a suspicious email as it might be a fake number to collect your personal information.
A – ACL – Attachments, Content, Links. Be very careful opening an attachment or clicking on any link (or graphic) in an email. This might be worth a call to the sender, for verification they did send you the attached file – and make sure they confirm the file name of the file they attached. If the sender is not someone you recognize DO NOT OPEN IT or click anywhere in the email. Do not open files with ending in .zip or .rtf – or any extension if you do not know why you are getting the email in the first place. HTML attachment!!! Yes, HTML attachments are often used for secure messages, so these used to be considered, safe... They are NOT safe. We are now seeing a new type of attack that uses an attached HTML file, which tries to scam you into entering your user name and password. If you get an email with an HTML attachment, be just as careful and do not open the attached file, unless you have verified with the sender the attachment is legitimate. Remember: Always Think Before You Click! Think about the email contents – when it was sent, who sent it, and what it includes. If there is any question – even the slightest – to it being something you did not expect from the sender, call them and ask about the email. Before you click a link within the email, hover your mouse over the link in the email message. If the linked address is for a different website or in any way does not look good to you, this is a big red flag – Do not click. Also, look for hyperlinks that have intentional misspellings of a known web site. For instance, www.rnysite.com – LOOK CLOSELY – the “m” is really two characters – “r” & “n.”
M – Mass Mailings. If you receive an email claiming you’ve been selected to win a prize, it’s a scam – Do not open the email. Delete it.
D – Details. In Outlook, you can click Properties and view the FULL HEADERS. If the sender is using a fake “from” address, you’ll see the real one in the details view, usually under “Reply to.” We are seeing a lot of “Email CEO Fraud.” The crooks go to great lengths to send email to the employees who might can give them what they want, and they try to make you think the email is from our CEO, or maybe from a company attorney, or a highly trusted vendor... And, the crooks use language specific to the company they are targeting, requesting confidential information, or requesting a wire transfer, using dollar amounts that lend legitimacy! When you receive email like this, triple check all the SCAMD rules, and also call the sender, to confirm the email was from him or her – BEFORE YOU SEND THEM ANYTHING. If you find the email to be fraudulent, delete it or forward it to your email administrator, IMMEDIATELY.
! – DOES THE EMAIL SCREAM AT YOU IN ALL CAPS or have lots of !!!!!! at the end? Beware of emails that try to get your attention by using all capital letters, especially in the subject line, or that try to scare you with lots of exclamation points. The authors of scam emails tend to write over-the-top and very emotional content. Also, keep an eye out for dire warnings, such as "Urgent!" or "Danger!"
One final word of advice: Don’t reply to any email where you find any of these SCAMD! clues. If you are unsure of an email's authenticity, delete it or forward it to your email administrator, right away.