Do you know when you’ve received a phishing or spoofing email? Your first line of defense against phishing emails is to have a 3rd party anti-virus solution between your email and the outside world. Even with having the additional anti-virus some of these malicious emails will get through. Here are a few tips to identify if you’ve gotten a phishing email:1. Be cautious about opening attachments or clicking on links in emails. Even your friend or family members’ accounts could be hacked. Files and links can contain malware that can weaken your computer’s security.
2. Do your own typing. If a company or organization you know sends you a link or phone number, don’t click. Use your favorite search engine to look up the website or phone number yourself. Even though a link or phone number in an email may look like the real deal, scammers can hide the true destination.
3. Turn on two-factor authentication. For accounts that support it, two-factor authentication requires both your password and an additional piece of information to log in to your account. The second piece could be a code sent to your phone, or a random number generated by an app or a token. This protects your account even if your password is compromised.
See this great blog post, it’s older but is more relevant than ever: “10 Tips on How to Identify a Phishing or Spoofing Email” by Lauren Harris from Return Path to learn more.