Beware of phishing emails: New risks in 2022
Have you recently gotten an email asking you to enter your mail.com password or your account will be deactivated? Or received a request to log in to consent to changes in a company’s terms of use? Warning: These messages are examples of a kind of email scam known as “phishing”.
Because there are a lot of phishing mails circulating these days, here’s a refresher in how to protect yourself.
Phishing can have dangerous consequences, ranging from hacking of your online accounts to identity theft. So it’s worth taking a few moments to learn how to identify a phishing email in case one makes its way into your inbox.
Important: mail.com will never send a customer an email asking for their password. If you have received such an email claiming to be from mail.com, do not click any links or provide any login information. If you wish, you can check the authenticity of the email on our postmaster page or report phishing incidents to us using our postmaster form. Keep reading for more information on identifying phishing emails.
We hope this refresher on phishing will help keep you safe online. You may also be interested in looking at all our posts about phishing here.
And as always, we look forward to your feedback!
Images: 1&1/GettyImages
What is phishing again?
A phishing scam is when people receive fraudulent messages (mostly email, but sometimes texts) claiming to be from a trusted sender. The aim of such messages is to trick them into revealing personal data, clicking a fraudulent link, or installing computer viruses on their device. For more information, you can check out our explainer on phishing.Fake mail.com emails
In some cases, online scammers have sent out fake messages claiming to be from mail.com in order to steal email login data. Recent examples have been a fake warning that the user’s email account will soon be deactivated, and a request to agree to an update in the mail.com Terms & Conditions. In many cases, these messages come from a sender that is not using a @mail.com address, e.g. @gmail.com or @yahoo.com. The fraudulent messages usually contain a link to a fake login window that asks for the username and password. Once the scammer has gained access to the account in question with the stolen login credentials, they can change the password so the legitimate user can no longer access it.Important: mail.com will never send a customer an email asking for their password. If you have received such an email claiming to be from mail.com, do not click any links or provide any login information. If you wish, you can check the authenticity of the email on our postmaster page or report phishing incidents to us using our postmaster form. Keep reading for more information on identifying phishing emails.
More phishing scams in 2022
Some things never change, even when it comes to cybercrime. For example, scammers love to take advantage of a crisis. In addition to the Covid-related email scams that have been circulating since 2020, fake emails soliciting aid donations for Ukraine have also been spotted since March 2022. Experts have also identified a rise in cryptocurrency phishing scams, which follow the usual pattern of trying to trick you into giving out personal information – in this case, including the key to your digital wallet. However, most of the phishing scams in 2022 follow a familiar pattern – fake emails that look like they come from a well-known company or government institution.Content of phishing messages
A phishing email will usually be from a faked sender address and have a look and feel that imitates the real company or institution they claim to be from, including logos and brand colors. Favorite subjects for these fake messages have included:- New or updated terms and conditions
- A security breach or other problem with your online account
- Delivery or package tracking
- Problems with invoices or overdue payments
- Tax-related issues
How to avoid phishing risks
There are a few things you can do to lower the risk of being caught in a phishing scam:- Never enter your personal data in response to a request in an email. If you think a request may be legitimate, contact the company or institution directly and/or log in to your account through the usual login process
- Check the email’s sender address by moving the cursor over the address. This will display the complete email address so you can see if it actually belongs to the real company. A fake address will likely have a completely different name or contain letters or special characters in addition to the real-sounding name (e.g. amazon1.com instead of amazon.com).
- The same principle applies to links or buttons in the email – you can mouse over the link to see the URL behind it. Fake website addresses will also often contain misspellings, extra characters, or a different company name entirely.
We hope this refresher on phishing will help keep you safe online. You may also be interested in looking at all our posts about phishing here.
And as always, we look forward to your feedback!
Images: 1&1/GettyImages
391 people found this article helpful.
Related articles