
10 Tips to Spot Phishing Scams

EJ Phillips

Phishing emails come in all shapes and sizes.  Our inboxes are flooded with emails telling us that our accounts need urgent attention. We receive texts telling us that we just need to click this link and pay that amount and our order will be delivered. (We can't seem to remember placing that order, but hey! It's Amazon, so anything is possible...) Fortunately for you, there ARE some "tells" you can look for to help you spot potential scams.

Telltale Signs of Phishing

It just doesn't look right

Is there something a little off with the emails? Are your spidey senses tingling? If something seems too good to be true, it probably is. Trust your instincts if they tell you to be suspicious.

Generic salutations

Instead of directly addressing you, phishing emails often use generic names like “Dear Customer.” Using impersonal salutations saves the cybercriminals time so they can maximize their number of potential victims.

Links to official-looking sites asking you to enter sensitive data

These spoofed sites are often very convincing, so before revealing personal information or confidential data, examine the site to make sure it’s real. You can read the web address of a hyperlink by hovering over it.

Poor grammar or spelling

This is often a dead giveaway. Unusual syntax is also a sign that something is wrong. 

Sense of urgency

For example: “If you don’t respond within 48 hours, your account will be closed.” By convincing you the clock is ticking, thieves hope you’ll make a mistake.

“You’ve won the grand prize!”

These phishing emails are common, but easy to spot. A similar, trickier variation is asking you to complete a survey (thus giving up your personal information) in return for a prize.

Recently, I got a phone call telling me I had won the Publishers Clearing House sweepstakes and that they needed my address and when I would be home so they could deliver "my big check". On the one hand, this is a dream of mine; I would like a big check. But also? Pretty sure I haven't entered any sweepstakes, and didn't Ed McMahon pass away a while ago? So I kindly hung up on the caller, a little sad about Ed McMahon and the lack of millions in my bank account.

Verify your account

These messages spoof real emails asking you to verify your account with a site or organization. Always question why you’re being asked to verify – there’s a good chance it’s a scam. Your best bet is to open the official app associated with the account and check your status there. Your mobile banking app or Amazon app will let you know whether or not you are in good standing within the safety of the official application.

Cybersquatting

Often, cybercriminals will purchase and “squat” on website names that are similar to an official website in the hopes that users go to the wrong site, such as www.google.com vs. www.g00gle.com. Always take a moment to check out the URL before entering your personal information.

 

Spot the Phishing Scam

Let's take a look at a recent phishing email I received and see if we can spot the signs.

[Image: phishing scam example]

When I first opened this email, I was a tad afraid. Without access to my Microsoft account, I pretty much can't function at work. And it is referencing how I have 2FA set up, which seems legit. (By the way, if you don't have 2FA set up on all of your accounts, DO IT NOW!!) But I've never received something like this before, so I wanted to be sure. So what are the signs that it is a scam email?

[Image: phishing example, email sender]

Spidey Senses Tingling

The fact that it looked suspicious to me makes it suspicious and worth more than a passing glance. 

Sender Address

What is this email address?  Wouldn't an actual email from Microsoft be simply from "somename@microsoft.com"? What is this "obeime.onmicrosoft.com" mumbo jumbo?
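
The lookalike check from the Cybersquatting tip (`www.g00gle.com`) and the sender-address check above can both be automated. The following Python is an added example, not part of the original post; the trusted-domain list, the digit-swap table and the `noreply` mailbox name are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumption: domains your organization really deals with (constructed list).
TRUSTED = {"google.com", "microsoft.com", "amazon.com"}
# Common digit-for-letter swaps in lookalike names (constructed, not exhaustive).
SWAPS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "7": "t"})

def host_of(value):
    """Lowercase host taken from an email address or a URL."""
    value = value.strip().lower()
    if "@" in value and "://" not in value:
        return value.rsplit("@", 1)[1].rstrip(">. ")
    if "://" not in value:
        value = "//" + value          # lets urlsplit parse bare hosts
    return (urlsplit(value).hostname or "").rstrip(".")

def registered_domain(host):
    # Simplification: last two labels. Use the Public Suffix List for co.uk etc.
    return ".".join(host.split(".")[-2:])

def edit_distance(a, b):
    """Levenshtein distance, to catch one dropped or added letter."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(value):
    """Return (verdict, trusted domain it resembles or None)."""
    host = host_of(value)
    domain = registered_domain(host)
    if domain in TRUSTED:
        return ("trusted", domain)
    skeleton = domain.translate(SWAPS)
    for good in sorted(TRUSTED):
        if edit_distance(skeleton, good) <= 1:
            return ("lookalike", good)
    for good in sorted(TRUSTED):
        if good.split(".")[0] in host:    # brand name buried in another domain
            return ("embeds-brand", good)
    return ("unknown", None)

if __name__ == "__main__":
    for sample in ("www.google.com", "www.g00gle.com",
                   "noreply@obeime.onmicrosoft.com"):   # mailbox name is constructed
        print(sample, classify(sample))
```

A `lookalike` or `embeds-brand` verdict is a reason to stop and report the message, not proof of fraud on its own.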

Salutation

My name is Elizabeth. Or EJ. Just like I can spot telemarketers when they ask to speak to "Edge", in no context do I go by my email handle. But they've sent out a mass email and made the algorithm use the first part of the recipient's email.

[Image: phishing example, spelling]

Spelling and Grammar

The good news for these hackers is that at one point, they knew how to spell "reauthenticate". But in 3 of its instances, they dropped an "n". Furthermore, they dropped an article in their second bullet point. It should read "Login to THE Microsoft Office portal..." And, just so you know, an email actually from Microsoft would know that Office rebranded to Microsoft 365 in November 2022 and dropped the "Office" moniker entirely except for standalone downloads.

So next time you get an email that looks a tad wonky, move your hand away from your mouse. Back away from your computer. Think before you click! Then check for spelling errors, weird phrasing, and who that email is coming from. Once you start to spot the errors, they'll become obvious to you and you will wonder how you ever fell for the tricks from bad actors. Report the suspicious email to your IT team and DELETE! You're a phishing scam hunter now and you've got this!

