For many people, email is a central pillar of communication. It allows us to connect with friends and family and is a powerful tool for spreading information and staying up-to-date on what matters to us.

Your email inbox may contain communication blasts, offers, and notices from the products and services you use daily. Many of these communications are legitimate, but there may be other emails from thieves trying to steal your information.

“Email phishing” is one of the oldest and most common Internet scams. Scammers will send an email posing as a legitimate business or entity to steal personal information.

As more business is conducted electronically, knowing Internet safety is crucial to protecting your identity and finances. Here’s what you can do to spot and stop email phishing attempts.

The Goal of Email Phishing

Scammers use email and text messaging to steal personal information. This information includes, but isn’t limited to:

• Social Security numbers
• Account names and passwords
• Financial accounts and credentials
• Credit card information

When scammers obtain this information, they can access and use a victim’s accounts or sell the information to other scammers.

Why Email Phishing Is So Successful

Overall, email phishing remains a consistent threat to Internet safety because it takes advantage of human nature. Scammers can manipulate people’s fears and curiosity to get their victims to do what they want.

Scammers use emotional manipulation tactics to try and get their victims to take action. These strategies include:

• Posing as an authority figure: A scammer’s email may claim it is an official communication from government officials or law enforcement officers. They may threaten you with fines, imprisonment, or other punishment to get you to do what they want.
  
• Instilling a sense of urgency: People are likelier to make mistakes under pressure. Scammers may send an email posing as a service provider (Amazon, Disney, FedEx, your financial institution, etc.) claiming that action must be taken on your account.
  
• Offering a good deal: Email marketing remains an effective strategy for legitimate businesses. Scammers also know this and model their tactics after them. Their emails may mention that you’ve been selected for an exclusive deal or won a big contest, and you must click a link and take action to claim the offer.
  

Many of these scam emails will try to mimic communications from legitimate entities by using images and assets associated with that brand or agency. They will also try to include links leading to malicious websites or dummy forms to capture personal information.

Worse still, some scam emails may include a file attachment. If downloaded, the file can install malicious software on your device, making you even more susceptible to data theft.

Know the Common Red Flags for Email Phishing Attempts

Patience is your most effective tool against email phishing. With every email you read, take the time to review the message and spot possible red flags.

Knowing some telltale warning signs will go a long way toward protecting your personal information. Some of these red flags include:

• Unfamiliar sender: Note who is sending the email and assess the sender’s email address. Just because the address consists of a business name doesn’t mean it’s from that company. Be familiar with how real businesses send their emails so it’s easier to spot fakes.
  
• Unusual scenario: A common email scam tactic is to claim that some action is needed on an account you may or may not have. If an email says something’s been put on hold or there’s a billing problem, the scammer may try to take advantage of you. These emails may include links to spoofed sites used to capture personal information.
  
• File attachments: Fraudulent emails may include attachments and a message urging you to download the file. These emails may contain malware, which can cause your device to malfunction or become vulnerable to further cyberattacks.
  

Protect Yourself Against Email Attacks

Once you’re familiar with how to spot malicious emails, you can defend against them. Here are some quick things you can do to avoid scams.

First, never click any links or buttons in a suspicious email. You could be taken to a malicious website that may trick you into submitting personal information. Do not download any attachments, as they may contain malware.

Then, report the suspicious item to your email provider. A button should be in your email’s interface to report spam or a scam attempt. You can also delete the email and block the sender.

Next, set up multi-factor authentication (MFA) for your accounts that support it. This adds another layer of security that prevents strangers from accessing your account if they obtain your credentials. You can start by setting up multi-factor authentication with your financial institution.

Also, make sure your electronic devices have updated security software. It is never advisable to download file attachments from strangers. Security software can stop these potential threats. However, your security software will be more effective if you do your due diligence to avoid suspicious files and websites.

Knowing how to identify and avoid fraudulent email is a valuable skill that can do much to protect your identity and finances.

Remember: First Florida representatives will never email or text you asking for your login credentials, Social Security number, or other personal information. When protecting your identity on the Internet, it is also a good idea to play it SAFE. Visit our Scam and Fraud Education page to learn more about recognizing scam tactics and how to avoid them.