When it comes to cyber security, we all want to believe that we are safe, and able to spot a scam from a mile away. We avoid those emails from the Nigerian prince, we know no random stranger is trying to give us a million dollars, and if it’s in our junk mail then we leave it there. The reality is, however, that anyone can fall prey to a phishing attempt. Unfortunately, phishing attempts often look like they’re from a company you know and trust. In fact, the FBI’s Internet Crime Complaint Center reported that people lost $57 million to phishing schemes in 2019. So how do you spot a phishing email and keep yourself safe?
Does it ask you to follow a link, open a file, or provide personal information?
Phishing emails often tell a story to trick you into clicking a link or opening an attachment. This may look like a service you use emailing you to tell you that your payment information is outdated with a link to update it. It may even look like an email from your bank letting you know that your online account is locked with a link to provide your login credentials, security questions, or other personal information.
Does it feel urgent?
Many scams capitalize on simply creating a sense of urgency. Slow down and really evaluate what is being presented to you. The urgency of the email may seem alarming, and your instinct may be to take whatever action it is prompting you to. When you slow down and take a step back, however, you are able to think clearly about the situation. Is your payment information really outdated? Can you go directly to their website or contact them to check on this, rather than clicking on the link in the email? Take your time to verify anything that may seem off, trust your instincts, and don’t commit to or take action on something that makes you feel uncomfortable.
Is it poorly written?
When reading through any email, take note of the grammar and wording used in the body of the message. If you notice spelling and grammatical mistakes, or even strange phrases, this should be a red flag that something isn’t right with the email. Emails from legitimate sources are very carefully crafted to assure that emails are professional and well-written. On another note, most email spam filters will look for key phrases or words to filter out phishing attempts, and spelling or grammatical mistakes can help scam emails bypass those filters and find their way directly in your inbox, instead of your junk folder. Since these emails look like they are coming from legitimate sources, take extra time to read them carefully and assure that they are authentic.
What do the links look like?
Since the email may look like it’s coming from a company you know and trust, it can be hard to tell whether it is real or not. Scammers may use the company’s logo, header, and the link may even look like it’s taking you to their website. Just because a link says it’s going to send you to one place, doesn’t mean it actually will. One simple thing you can do to double-check any links before you click on them is to hover your mouse over any links, and take note of whether the link in the text matches the URL displayed as the cursor hovers over the link. If these don’t match, this means the link is not taking you where it looks like it will at first sight.
Does the email look like it’s from Idaho Central?
As always, please remember that Idaho Central would never send you an email with a link asking you to provide login credentials, security questions, or any other personal information. Always go directly to www.iccu.com or use our app to log in and access your online banking. If you have received what appears to be a phishing email pretending to be from Idaho Central Credit Union, do not respond to the request. Instead, forward the email to abuse@iccu.com. Don’t hesitate to contact us if you ever have questions or concerns; Idaho Central can help you identify scams or fraud, and help you with the next steps needed to protect yourself. Learn more about how to protect yourself at our security center.