‘Phishing’ is a common scam in which fraudsters or hackers send fraudulent e-mails to ‘fish’ for your personal information, hoping to steal your identity and compromise your device.

Users who fall for these scams usually suffer financial losses and identity theft and, most of all, expose the passwords of their accounts. In today’s cyber world, it is therefore important for users to keep in mind the words ‘think before you click’. Fortunately, there are several ways to spot a phishing scam.

Suspicious e-mail addresses

Usually, we do not bother to check the origin of the e-mail, as we tend to look at who sent it. The first thing we need to do is simply check the origin of the e-mail by looking at the e-mail address. If you receive an e-mail from PayPal, usually the e-mail address ends with @paypal.com. Scammers tend to come up with a fraudulent e-mail address similar to the original one by changing it to @paypal.org or @payp.org. So you will end up receiving an e-mail from a fake PayPal account with the address support@paypal.org instead of receiving an e-mail from the real e-mail account support@paypal.com. If you receive such e-mails, just delete them.

Messages that start with general salutations

E-mails having a generic salutation, instead of a direct salutation to the recipient, can also be a form of scam e-mails. If instead of receiving an e-mail starting with Dear Mr Azzopardi, you receive an e-mail addressed to Dear user, Dear customer, Dear friend, etc, these e-mails are also believed to be scams and should be deleted.

Alarmist messages

Scammers try their utmost to replicate an e-mail so that it looks legitimate. One of the most common ways is to word it in an interesting manner. In such e-mails, the perpetrator tries to push you to take an immediate decision by writing alarmist messages such as, “If you do not reply to this e-mail by latest today, your account will be suspended indefinitely.” This is used purposely to confuse the recipient, who is unsure whether to reply to the e-mail straight away or not. Do not fall for this trick and delete the e-mail.

Messages containing grammatical errors

Another way to identify phishing e-mails is to look at the language. In most cases, these have grammatical errors or spelling mistakes in the body. These e-mails are usually written by non-English-speaking people or written hastily. Once again, it is not worth taking a risk. Just delete.

Requests for personal information

As a rule of thumb, no one will send you an e-mail asking for your personal information which would include passwords, financial details, credit card details, etc. Financial firms and banks usually send e-mails as notifications for something without the need of asking for personal information. Do not get hooked. Delete the e-mail.

Suspicious and/or unsolicited e-mails

It is common that we reply to e-mails, bearing in mind that we know the sender. If, after checking all the above, you deem that the e-mail is either suspicious or unsolicited, do not risk it; just delete it.
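
The checks from the sections above (sender address, salutation, alarmist wording, requests for personal information) can be combined into a small script. This is an added example, not part of the original article; the trusted-domain table, the word lists, the 0.7 similarity threshold and the sample message are constructed assumptions, and it handles plain-text, non-multipart messages only.

```python
import re
from difflib import SequenceMatcher
from email import message_from_string
from email.utils import parseaddr

# Assumption: brands you really deal with, mapped to their genuine domain.
TRUSTED = {"paypal": "paypal.com"}
# Constructed word lists based on the article's examples; extend as needed.
GENERIC = re.compile(r"^\s*dear\s+(user|customer|friend)\b", re.I | re.M)
ALARM = re.compile(r"\b(suspended|by latest today|immediately)\b", re.I)
PERSONAL = re.compile(r"\b(passwords?|credit card|bank account)\b", re.I)

def check_sender(from_header):
    """Return a warning if the address imitates a trusted brand, else None."""
    name, addr = parseaddr(from_header)
    domain = addr.rpartition("@")[2].lower()
    parts = domain.split(".")
    # Simplification: takes the label before the last dot (ignores co.uk-style suffixes).
    label = parts[-2] if len(parts) >= 2 else domain
    for brand, real in TRUSTED.items():
        lookalike = SequenceMatcher(None, label, brand).ratio() >= 0.7
        if not (lookalike or brand in name.lower()):
            continue  # the message does not claim to come from this brand
        if domain != real and not domain.endswith("." + real):
            return f"sender domain {domain} is not {real}"
    return None

def phishing_signs(raw_message):
    """List the warning signs found in a plain-text e-mail."""
    msg = message_from_string(raw_message)
    body = msg.get_payload()
    checks = [
        check_sender(msg.get("From", "")),
        "generic salutation" if GENERIC.search(body) else None,
        "alarmist wording" if ALARM.search(body) else None,
        "asks for personal information" if PERSONAL.search(body) else None,
    ]
    return [c for c in checks if c]

# Constructed sample message using the article's own examples.
SAMPLE = """From: PayPal Support <support@paypal.org>
Subject: Account notice

Dear customer,

If you do not reply to this e-mail by latest today, your account will be
suspended indefinitely. Please confirm your password.
"""

if __name__ == "__main__":
    for sign in phishing_signs(SAMPLE):
        print("warning:", sign)
```
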

E-mail links

Earlier on, we mentioned the phrase ‘think before you click’. Usually scammers try to lure you to click on a link embedded in the e-mail. In most cases, these links contain malware that will infect your device straight away with, for example, a keylogger virus that collects keystrokes and sends them back to the perpetrator. Avoid suspicious e-mail links, especially if the e-mail asks for passwords, bank account numbers or other personal information.

And to conclude, if the e-mail looks suspicious, then do not respond to it.

Raymond Azzopardi is senior team leader, Malta Information Technology Agency.