Chances are you receive phishing scams in your inbox from time to time, despite Outlook, Gmail and others doing what they can to divert those messages into the junk folder. Here are some tips to avoid falling for phishing scams and advice should you accidentally give up sensitive information.
- Beware of “spoofing.” This is a forged email where the name of the sender is someone you trust, but the email address itself is from a different source. For example, if you get a suspicious email with your executive director’s name as the “sender,” check to see if the return address is correct. If it’s not, delete the email right away.
- Review the content of suspicious messages. Did you get an email that looks unfinished, unprofessional, or uses uncharacteristic bad grammar or misspellings? If it sounds fishy, it probably is fishy! If it asks for billing details or provides a link to pay an unrecognized fee with a credit card, go with your gut and do not click it.
- Consider mobile vs. desktop formatting. If you check email on your phone, sometimes your inbox will display a snapshot of the message’s content. While this might look nicer, this can end up hiding clues that the message is fraudulent. Be wary of responding quickly to sensitive inquiries without reading the entire email.
- Don’t go looking for trouble in your junk folder. Don’t peruse your junk folder for fun. It’s a minefield of harmful content. Only open messages from a verified trusted source that accidentally landed in the junk pile.
- If you fall for a phishing scam, report it to IT immediately. Accidents do happen. If you click on a link or typed in credit card information for a fraudulent invoice, report it to your IT department or IT services provider immediately. You should also send a company-wide email warning colleagues about opening up similar messages. Often, scammers will phish multiple people at an organization. It’s better to be safe than sorry! Within minutes, you can freeze or cancel credit cards before any additional money is stolen.