How to spot email scams (phishing)
2 MIN READ
The majority of cyber attacks start with a phishing email.
Watch out for these five typical email scams
1. ‘Someone has shared a file with you’
2. ‘You need to verify your account details’
3. ‘Someone just logged into your account’
4. ‘Your account has been blocked’
5. ‘Your package couldn’t be delivered’
Fraudsters send you an email pretending to be someone else to get you to click on an attachment or link.
Clicking on the link may infect your computer with a virus or bring you to a fake website where cyber criminals hope to get your personal details from you.
So what are the tell-tale signs of the most common email scams and how can you stay safe?
1 The ‘someone has shared a file with you’ email
Many of us use online services to store and share files in the cloud.
Cyber criminals sometimes send fake emails pretending to come from reputable file storage companies, often using realistic-looking company logos and details.
In this type of phishing attack, the email may say that someone has shared a file with you and you must click on a link to view it or open an attachment.
It sounds innocent enough but this could be a fake email, especially if it arrives unexpectedly, and clicking on the link is not recommended.
2 The ‘you need to verify your account details’ email
More and more of us use online accounts for a wide range of services.
Fraudsters may send out emails telling you that there’s a problem with your account and you need to verify your account details.
In many phishing attacks, they give you a very short timescale to respond saying that it is urgent or that you have to verify your details within a few hours, to increase the sense of pressure on you.
Clicking on the ‘verify your details’ link may bring you to a fake website or infect your computer with malware.
3 The ‘someone just logged into your account’ email
Cyber criminals sometimes take advantage of the fact that online companies alert us to potential account security breaches by sending out fake security breach alerts.
You might get an email telling you that someone just logged onto your online account from a new device or from a different location.
The email might say that they want to make sure it was you, for security reasons, and ask you to click on a link to review the suspicious activity.
Sounds helpful but be careful as this could be a fake email and you should not click on the link.
4 The ‘your account has been blocked’ email
These kinds of emails from fraudsters often pretend to be from well-known online shopping sites that you may have used to buy things online.
They typically tell you that your account has been blocked often adding ‘for security reasons’ to get your attention.
To get your account unblocked, you are, of course, asked to click on a link.
If you do click on the link you may be taken to a fake website and asked to enter your personal details.
5 The ‘your package couldn’t be delivered’ email
Fake emails are sometimes sent by cyber criminals pretending to be from legitimate parcel delivery companies especially during holiday season.
They may look convincing and may tell you that they couldn’t deliver a package to you or that they have your package at their warehouse.
In this type of phishing attack, they ask you to click on a link to find out your parcel’s whereabouts or to arrange re-delivery.
Obviously, you should not click on the link where the email is unexpected or looks suspicious.
What to do if you think you’ve received a fake email
Don’t click on any links, open any attachments or reply to the email.
Check whether it is a genuine email by contacting the sender if they are someone that you know BUT never use the contact details in the email.
Instead, find the real contact details of the actual company or person and contact them by phone or text, not by email.
You might also want to search online to see if the kind of email you’ve received is a scam, known to be from fraudsters.
To check if an email from Bank of Ireland is genuine, contact us at firstname.lastname@example.org.
What to do if you think you’ve ended up on a fake website
Don’t type any personal details on a website before you’ve checked the web address at the top of your screen.
Does it start with https? The ‘s’ means that the communications between your browser and the website are encrypted making them safer.
But take into account the whole look and feel of the website, as fraudsters can create fake websites using https to fool you.
Some browsers also use a padlock icon at the top of the screen. If the padlock is open then any communication with the web page is not secure.
If something just doesn’t feel right then close the page.
Keep up to date
Remember to always install the latest software updates for your operating system to protect yourself against new threats and have the latest anti-virus software installed.
Find out more
Visit Security Zone on the Bank of Ireland website for more tips on how to beat the fraudsters.
All efforts were made to ensure that the information in this article was accurate at the time of original publication. The content of this article do not constitute financial advice.
Bank of Ireland is regulated by the Central Bank of Ireland.