There are a great many criminals out in the world who want to gain access to your bank, credit card, and personal information. The latter is very important as it will give them crucial information such as your full name, date and place of birth, mother’s maiden name, and often a password of security question answer, like a pet’s name, that can be used to bypass security on websites where you will also store bank and credit card data.
Fortunately it’s very easy to protect yourself from what are called Phishing emails. A large number of these will already be caught by the spam filters from Microsoft and Google, but some will always get through and will say they’re from a reputable company such as PayPal, Google, Dropbox or even your own government’s tax authorities, when in fact they’re really from criminals who want your money. Here is how you can easily identify what is genuine and what is not to keep yourself safe online.
As a response to phishing email, all the major email providers, including Microsoft and Google, will display the sender’s email address in plain text. The image below shows a phishing email in both Outlook.com from Microsoft, and Google’s Gmail. The sender’s email address is highlighted in the images by a red box.
If we look closer we can see that the emails aren’t from TV Licensing or Google Drive at all, but instead from “email@example.com” and from “firstname.lastname@example.org”. This immediately tells you not to trust the email, and it’s definitely not from the people it claims to have been sent from.
You can further check if the email is genuine by hovering your mouse cursor over anything they give you to click. This will always display the website that links to as a small pop-up in the bottom left corner of your browser window. In the example below we can see that the link definitely does not go to a Google website, but instead goes to “mttecnoimpianti.it” which apart from clearly being a criminal’s domain name, isn’t even the same address the email was sent from, and it is certainly not a Google website.
One more important point is that No bank will ever send you an email asking for you to sign in and confirm security information. If you receive one of these emails and click through to the website they give, you will be giving those criminals direct access to your bank and savings accounts.
Mostly these phishing emails and criminal websites are caught by Microsoft and Google, who block them immediately. Some always do get through however so it is wise to know what to look for, so that you can keep yourself, and your financial and personal information safe.
You can protect yourself further by setting a security feature called Two-Factor Authentication on your online accounts, and I show you how to do this on this link.