
How to avoid phishing scams (with examples)


Look at these examples for some ideas on how to avoid phishing scams.


Phishing is one of the most common hacking techniques. Hackers use what they know about human behavior to trick you into revealing personal information. They then use that information to gain access to your online accounts — which is why you need to know how to avoid phishing scams.

You may have seen these attempts to trick you:

  • an email from a brand you know asking about suspicious activity or a recent log-in
  • a text message saying that there’s a problem with your payment information
  • an email that asks you to click a link to pay (and may even include a fake invoice that seems legit)
  • any sort of offer to trade your personal information (email, phone number, address) to receive a coupon or other free items

In other words, hackers prey on your humanity! They want to trick you into providing personal information. Hackers can then use that information in combination with data from the latest data breaches to hack your online accounts.

Here’s how to avoid phishing scams, as well as some phishing scam examples.

Phishing scam examples

One of the most common phishing scam examples is when you get a so-called “order update” or a “failed delivery notice” from a mail carrier like UPS or FedEx. Or the message claims to be from Amazon and asks you to click to verify details.

Don’t do it! That common form of attack is so easy, since nearly everyone has some sort of pending online order. Scammers rely on us being in a hurry and not paying attention!

Here’s another phishing scam example from the FTC.

As you can see, it appears to be from Netflix, with a legitimate request for updating your payment details.

But hackers are crafty: phishing emails often come from spoofed accounts or email addresses that don’t actually belong to the company in question.

Most often they will try to scare you into clicking. These messages use tactics like warnings of an impending account shutdown (or deleting your personal data). Of course, the urgency of the message triggers you to act. You think “Oh no, this sounds important.” For instance, how would you react to this phishing email:

Some warning signs:

  • Poor quality logo
  • Generic greeting that seems odd
  • A message about your account being on hold
  • A link to update your payment details

That last one is especially dangerous — be very careful clicking links in emails! Instead, open a browser and log in to your account. That way, you won’t ever be tricked and can check to see if there are any issues with billing.

Tips to prevent phishing scams
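The warning signs above can be written as simple checks over a message, the way a mail filter might apply them. This is an added example, not part of the original article; the sample email, its domains, the `BRAND_DOMAINS` allow-list and the wording patterns are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample message (not a real email); all domains are placeholders.
SAMPLE = """\
From: Netflix <billing@netflix-account.example>
Subject: Your account is on hold
Content-Type: text/html

<p>Hi Dear,</p>
<p>We're having trouble with your billing information. Your account is on hold.</p>
<p><a href="http://login.payments-update.example/netflix">Update payment details</a></p>
"""

# Assumption: domains each brand really sends from, maintained by whoever runs the check.
BRAND_DOMAINS = {"netflix": {"netflix.com"}}
GENERIC_GREETING = re.compile(r"\b(hi dear|dear (customer|user|member))\b", re.I)
URGENCY = re.compile(r"\b(on hold|suspended|will be (closed|deleted)|within 24 hours)\b", re.I)
HREF = re.compile(r'href=["\']([^"\']+)["\']', re.I)

def belongs_to(host, domains):
    """True if host equals an allowed domain or is a subdomain of one."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)

def warning_signs(raw):
    """Return the warning signs found in a raw single-part email."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    body = msg.get_payload()
    signs = []
    brand = next((b for b in BRAND_DOMAINS if b in display.lower()), None)
    if brand:  # the message claims to come from a brand we know
        allowed = BRAND_DOMAINS[brand]
        if not belongs_to(addr.rpartition("@")[2], allowed):
            signs.append("sender address is not on the brand's domain")
        for url in HREF.findall(body):
            if not belongs_to(urlparse(url).hostname, allowed):
                signs.append("link leaves the brand's domain: " + url)
    if GENERIC_GREETING.search(body):
        signs.append("generic greeting")
    if URGENCY.search(body):
        signs.append("urgent account warning")
    return signs
```

Checks like these only flag a message for a closer look; an empty result does not prove the message is genuine.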

When you’re faced with a dubious message, tread carefully. If it seems suspicious or wrong, then it probably is a phishing scam.

To avoid phishing scams, do these four things:

  1. Use 2FA. What is two-factor authentication? It’s when you attach your phone number or an authenticator app to your account so that you have an additional layer of protection against hackers. That way, even if they manage to trick you, they may not be able to gain full access.
  2. Think twice. Take a moment before clicking that link on your phone or in your email. It’s not worth rushing – and then regretting your decision when hackers gain access to your account!
  3. Set updates to automatic. This advice applies to all devices: set them to automatically download security updates. Then you won’t ever be vulnerable to a security flaw that has been patched.
  4. Mark emails as phishing. Report any suspicious emails to your email provider (they all have a way of doing that). You’ll be paying it forward and preventing the email from catching someone else off guard.

Thousands of people report phishing scams each year…so don’t let your guard down!