7 ways to spot scam and phishing emails
Is this a legit email?
Ever opened an email and wondered, 'Is this a scam?' Scammers often target businesses that appear to be less tech-savvy. In this blog, we'll provide you with insights and equip you with the skills to identify scam and phishing emails as well as the tools that will automatically do it for you.
Where did they get my email?
That’s probably the first question that comes to mind. You didn’t subscribe to their newsletter and you don’t even recognise the company.
Well, it’s not your fault. Even though it is against the Spam Act 2003 to send unsolicited commercial email, and against the law to send fraudulaent email, there are a hundred ways for malicious actors to collect your email. Here are few methods they use:
There are hundreds of botnets out there that scrape emails off websites
Your internet provider might have suffered a data breach
Your software tools might have suffered from a cyber attack, - this could have been years ago but it wasn’t reported.
How to spot fake emails?
STOP and assess
The first rule when dealing with emails, especially those that seem suspicious, is to STOP and take a moment to assess the situation. Don't rush into clicking links or opening attachments. Pause and think before you act.
Check the ‘from’ sender (read very carefully)
One of the quickest ways to spot a fake email is by carefully examining the sender's email address. Scammers often use email addresses that look similar to legitimate ones but may have slight misspellings or extra characters. Pay close attention to every character in the email address to ensure it's from a trusted source.
We’ll give you a hard one:
Spot the difference between support@onlineiseasy.com.au and support@onIineiseasy.com.au (the answer is after point #7)
Hover over the link or button (use your computer)
Online is Easy suggests that if you want to do online shopping or open suspicious links, do it on your computer, especially if it’s a site you’ve not shopped with before.
Before clicking on any links or buttons in an email, hover your mouse pointer over them to reveal the actual URL. Check if the URL matches the official website of the organisation or sender. If it looks suspicious or doesn't match, do not click on it.
Don’t use free public email for business
Never use free public Gmail or Outlook for your business. Think about it, not only are you promoting Google (ending @gmail.com) but also you’re subject to Google’s Ads.
Consider using a professional email service associated with your domain name.
Check if they have an ABN/ACN number
Legitimate Australian businesses must have an Australian Business Number (ABN) or Australian Company Number (ACN). This is why we love auDA, they govern the policy within the .au domain. All business need to have ABN if they want to register .au domain (.com.au & .au)
Investigate yourself
When you encounter an international website sporting a .com domain, it's time to roll up your sleeves and dig deeper. Why? Well, .com domains don't have robust privacy regulations you might expect, leaving your personal details potentially exposed to the WHOLE WORLD. You can check it on whois.com/whois or whois.auda.org.au (for .au domain)
If you’re in doubt, just get out
When in doubt, it's always safer to exit the email or close your browser. Avoid clicking on any links, downloading attachments, or providing personal information if you have even the slightest suspicion about the email's authenticity. It’s better to be safe than sorry.
(Answer for #2: one is a lowercase L and the other is Uppercase i)
Protect your Google Workspace emails?
Not only does email security protect you from incoming malicious email, it also secures your domain and protects your brand by verifying the emails people receive from you.
Speak up! Report scams!
People can make a report on the Scamwatch website. They can also follow @scamwatch_gov on Twitter and subscribe to Scamwatch radar alerts.
From the Office of the Australian Information Commissioner you can learn more about Ways to protect your privacy. For more information about identity fraud, visit IDCARE, cyber.gov.au and the Australian Federal Police.
We are here to help…
If you need more information or assistance, you can contact Sofian on 0429 119 221 or Anthony on 0417 047 632 or Schedule 1:1 screen support online
Anthony Mayer is the founder and director of Online is Easy, established in 2014.
He's a digital strategy consultant, a business coach, a web developer/designer, an entrepreneur and an educator.
Anthony is enthusiastic about his business and his community as an energetic extrovert. With a fascination for anything technical, Anthony brings existing and emerging technologies together with best practice, budget capacity and human capability.
He mixes it all up with a dash of leadership, entrepreneurship, good humour and lots and lots of hands-on business experience.