9 signs of phishing that don’t lie

According to the Phishing Benchmark Global Report from Terranova Security and Microsoft released in 2020, 20% of workers are likely to click on links in a phishing email. One click can have serious consequences: phishing attempts are most commonly aiming to steal your money or your personal identity.

Fortunately, there are some hints that can help you identify these frauds and attempts to steal your personal information. Watch out for these nine things to stay vigilant against cybercrime.

1. Grammar and spelling mistakes

Fraudsters are usually not very good writers. Take a close look: spelling mistakes, bad grammar, weird sentence structure, awkward punctuation, extra spaces or indentations and bad translations are all evidence of a lack of attention to detail that a legitimate, self-respecting institution would not let pass.

2. Low-quality graphic design

Like written content, the visuals integrated into phishing emails are not usually high quality. You’ll often see logos that are outdated, inaccurate or low resolution. Sometimes an email might contain only images or a sloppy layout, which should also put you on guard.

3. Promises of money, trips or inheritance

It’s a classic tactic, but it continues to work. If you haven’t entered any contests, never trust an email claiming that you’ve won a prize, especially if they ask you to send money to collect it. The same thing applies if you get an email about an inheritance from a distant relative or some kind of refund. Unfortunately, it’s very unlikely.

4. Packages that arrive… but weren’t ordered

If you get an email saying a package has arrived or tracking information for a package that you didn’t order: straight to the trash. When in doubt, try contacting the sender by other means.

5. Threats or creating a sense of urgency

“Your account has been suspended!” Don’t panic, your account hasn’t been suspended. When an email pushes you to reply right away or seems urgent, it’s definitely a fraud attempt.

Some fraudsters use another type of ruse: direct threats. Emails threatening that they have your personal information are actually attempting to obtain it.

6. Requests for personal information

As we’ve said, requests for personal or financial information rarely come from a trustworthy source. Be especially vigilant when you see links to login or update pages.

7. Suspicious senders

Pay close attention to the sender’s email address. Government or financial institutions have official email addresses, usually that follow a particular formula. If the username or domain doesn’t seem right, it could be a phishing attempt.

8. Attachments

If an email from a suspicious sender has attachments, it could be a fraud attempt. Always ask yourself why an unknown person would be sending you something and check the file name or source. If they seem at all unusual, beware.

9. False familiarity

One trick fraudsters use is giving their emails a false sense of familiarity. They might call you by your first name, mention a meeting or a discussion that never happened, or identify themselves as someone you know, like “Paul from accounting”.

A professional signature at the end of an email can easily be misleading. Many scammers even go so far as to create a fake LinkedIn or Facebook profile, or even a website for a company that doesn't exist. If you’ve never heard of the company or the person in question, don’t take any risks.

Have you spotted one or more of these signs? The golden rules are: never click on a link within an email, never open attachments, never reply or forward a fraudulent email and never delete the email or text. You can flag emails as phishing attempts in your inbox, or block the number on your phone if it’s a text message. Ultimately, trust your instincts. If an email seems suspicious, that’s probably because it is.

If you think you’ve received a fraudulent email, call or text from individuals pretending to be from iA Financial Group, let us know by sending us an email.