Phishing email warning signs
/Sometimes there are clear warning signs indicating an email you received is a malicious phishing attempt. The email pictured below is a good example of these warning signs, but you must remember...you can't solely rely on just looking for obvious red flags such as these. You always have to remain vigilant and always take a few moments to analyze an email before you just click a link or open an attachment.
If you receive an email similar to the one below, there are some steps you can take to protect yourself in case it is a malicious phishing attempt.
Phishing tip, you should always be suspicious of emails with a "call to action", such as clicking on a link to view suspicious activity on your account, click the link before your account is deleted or locked out, etc.
If you happen to be a customer of the company mentioned in the email, navigate to the company's website either through a trusted bookmark you always use or from search results obtained from searching for the company in a reputable search engine. Do not click on any links in the email. Once you get to the company's website, look at your account that way.
If you would rather call the company to validate the email's authenticity, follow the steps above and call the number listed directly on their website. You could also look at the phone number on any of your statements or credit cards from the company referenced. Do not click on any links or call any numbers listed in the email.
The email below was not from Chase bank. The attacker sending the email spoofed the email headers to say "Chase Support" and the website listed after "noreply" is not a valid Chase Bank email domain. The attacker also attempted to make it look authentic by advising you to look at your statement for the contact information or including a phone number. I performed a search for the phone number listed and discovered it was for Wells Fargo. I hovered over the "Account Activitation" link and saw it went to a random website in India. Also, hovering over the link for "chase[.]com?", Bank of America's website was listed. Again, not all phishing emails are this obvious. There are 3 different banks referenced.
Other red flags include:
- The weird formatting at the top
- The incorrect grammar throughout
- The misspelling of "Activitation"
- Inconsistency of punctuation and capitlization