Here are the ten things that may indicate phishing.
One thing that you are going to need to do is to look for some misspellings on the email. Many times words will be misspelled slightly; there might be two “e’s” in a word that is only supposed to have one letter “e”. You can also look for characters in the wrong place. For example you can have three semicolons between phrases when there shouldn’t be any. These things can all be spotted on a phishing email and can help you to spot that the email is not real. In order to spot these errors you are going to need to read the email closely.
Something else that you should look for is formatting errors. To find these you are going to want to look closely at the layout of the page. Most of these errors are going to stand out because professional companies are not going to make these errors, mainly because they pay people to proofread the emails they send out to correct those errors before the email is sent. Some things to look for are no spaces between paragraphs, wrong symbols being used for copyright, and too many spaces between paragraphs.
If you do not have an account with the company that is sending the email and they are telling you that your account needs to be updated then it is obviously an online scam or fraud. So you need to watch to see what companies the emails are coming from.
Another thing that you need to look at is how the emails are being addressed to you and what they are asking for. More often than not a company that you have open accounts with is not going to address you as “customer” but they are going to address you by your last name at least because they will want to personalize the email. But they also won’t ask for personal information online. If they feel your account needs to be updated they will contact you some other way such as telephone or sending you a form through the mail.
You also need to pay close attention to the addresses that are being included in the email. Many times the email address that is being used to send the email to you is from an unidentifiable source and all legit companies are going to use an identifiable source when sending you emails. Also you need to check the source code, this is actually critical in recognizing phishing. Usually what happens is that they show you one address but are actually using a different address and if you don’t check to see that both addresses match then you won’t notice that it is actually two different addresses.
Something else to look at is the legal threats they are sending you. Legit companies will never ask you to send in personal information, such as copies of photo IDs through an email. And many times criminals include a lot of needless legal jargon to help convince you it is real.
Something else to watch out for is emails that tell you that if you don’t respond in a certain period of time then your account will be closed. Basically what this is trying to get you to do is to respond to the email quickly, they are hoping to catch you off guard, basically to get you to respond with out thinking.
Something else to look for is emails asking you to verify your account information. No legitimate company is going to ask you to send in personal information, such as passwords, social security number or anything else through an email. If they have a question about your account they are going to call you on the phone, not get your information online.
You should also look for mechanical errors. Many times people who are writing these emails are non native English speakers so many times they way they put together the sentences you can tell that the email is not coming from a legit company. They will mix up key phrases or get verbs in the wrong order. If you take the time to read the message closely these mechanical errors will jump out at you.
Something else that gives the phishing scam away is that the email is only an HTML email. The reason why this gives it away as a scam is that all legit email messages will have a plain-text version included in the email because not all mail software will display HTML messages. And HTML is easier to hide the scam in, whereas plain text is nearly impossible.