#PreventionTips: Here’s How to Spot Phishing Scams and Protect Yourself from Fraudsters

Phishing scams are currently one of the most prevalent and biggest cybersecurity threats. This type of online scam, which is derived from the word “fishing,” intends to lure consumers by sending fraudulent messages about their personal accounts (through email, ads, or websites) in exchange for their confidential information such as account numbers, passwords, or credit card details.

In Southeast Asia alone, there are more than 11 million phishing links blocked by Kaspersky’s Anti-Phishing system in countries including Vietnam, Indonesia, and Malaysia, according to an article published by Techwire Asia in June 2022.

Various companies, big or small, have been fighting against phishing attacks over the past few years as anyone can be a victim. In order to combat these attacks, the most effective weapon is to become well-informed about the different schemes to hack information and login credentials.

Here are three things you should look out for to spot a phishing scam.

The Sender Uses a Public Email Domain

You can spot a phishing scam or a fake email when the sender uses a generic domain such as @gmail.com, @yahoo.com, @hotmail.com, and other free domains. Since everyone has access to these domains, scammers would likely use them for their malicious intent.

You might think having one of these accounts (Gmail or Yahoo) won’t raise any red flags, but keep in mind that it is unusual for large corporations or businesses to use a generic domain to send emails. Scammers may sometimes use the company's name in the email address to deceive their targets like “[email protected].”

Misspelled Domain Name, Wrong Grammar, and Suspicious Tone

Suspicious emails may also contain purposely misspelled domain names to trick users. Despite the complexity of the clue, this is (ironically) one of the clearest indicators that there is a phishing attempt.

Make it a habit to always double check if there are any inconsistencies in domain names, email addresses, or links sent to you. Often, you may receive a poorly composed email with grammatical errors and misspelled words. These kinds of messages target the most gullible people.

It is also a big red flag if the message imposes an alarming issue or negative consequences, trying to convince you to click malicious attachments or links. If something feels off, trust your instincts and thoroughly check the entire email before responding or clicking anything.

Message Contains Suspicious Links and Attachments

You can easily spot a phishing scam if the destination address or landing page does not correspond with the content of the email.

For example, if you receive an email from your bank, you should expect that the link will direct you to its official website. However, there are instances when phishers can hide the destination address. If you are not familiar with the file source, it is best not to accept or download it in order to avoid falling prey to fraudsters. Malware downloads may be contained in file extensions such as.zip,.exe, and .scr.