Look carefully at the display name – Email Address
Ex: the bank doesn’t have a domain called “secure.com”
Look but don’t click
Hover your mouse over any URL links embedded in the body of the email, but don’t click on it. Open a new browser window and type the website to test OR call the company.
Review for spelling mistakes
Emails that are authentic, usually do not have major spelling mistakes or poor grammar.
Inspect the salutation
Beware of emails address to “Valued Customer” most businesses will often use your first and last name.
Don’t give out personal information
Look for a “lock” icon at the bottom of your browser and make sure “https” appears in front of the Web address before submitting any personal or financial information this will tell you the information being transferred is secure.
Beware of urgent, unrealistic or threatening language in the subject line
Example: Your Storage is almost full, click here to sign in and verify your email to get more storage OR RPI needs you to put in your username and password to authenticate (RPI will never ask for this information)
Review the signature
Legitimate businesses will always provide contact details.
Don’t open attachments
If you were not expecting this attachment don’t open it.
Don’t trust the header from email address
Header lines identify particular routing information of the email – you will want to look up how to view header information for your email application
Something doesn’t look right
Even though the message includes convincing brand logos, language and valid email address – if it looks suspicious, don’t open it.