How to Recognize and Avoid Spam and Phishing Emails

Spam email is annoying at best. At worst, it can include scam offers or malicious computer viruses that cost you time and money.

The FTC reports a significant increase in email scams and phishing attacks. Cyber criminals are also targeting remote work technologies, such as video conferencing services. A remote worker’s home network is likely to be less secure than their company server.

How Phishing Works

Phishing attacks attempt to steal sensitive information through emails, websites, text messages, or other forms of electronic communication. They often look to be official communication from legitimate companies or individuals.

These emails are very convincing, some going so far as to include the company’s logo or mailing address. The phishing site typically mimics sign-in pages that require users to input login credentials and account information. The fake site then captures the sensitive information as soon as the user provides it, giving the attackers access.

Phishing emails can be very effective. Attackers will often use them to distribute ransomware through links or attachments in emails. When run, the ransomware encrypts files and displays a ransom note demanding you pay a sum of money to access your files.

What to Look For

We recently became aware of an email phishing scheme targeting Whidbey Telecom customers. Customers reported a fraudulent email that appeared to be from “Whidbey Telecom Webmail.” This scam email tells customers they have to upgrade or their email service will be discontinued.

Stop and look over your emails carefully before clicking on anything. Some things to look for are awkward phrasing, misspellings, or grammatical errors. You can check links and verify the sender’s email address by hovering your mouse over them.

While, at a glance, this email might look real, it’s not. The scammers who send emails like this one do not have anything to do with the companies they pretend to be.

Phishing emails will try to trick you into clicking on a link or opening an attachment. They’ll say they’ve noticed some suspicious activity or log-in attempts on your account. Or claim there’s a problem with your account or your payment information. Dangerous spam emails often sound urgent, so you feel the need to act.

We are also seeing an increase in phishing attacks as more companies roll out new technology and collaboration tools to their employees. Scammers will pretend to be an employee and ask for access to shared drives or sites. Like this:

What to Do

If you get an email that asks you to click on a link or open an attachment, answer this question. Do I have an account with the company or know the person that contacted me?

If the answer is “No,” it could be a phishing scam. Go back and look for signs of a phishing scam. If you see them, delete the message. Do not click on any links or open any attachments.

If the answer is “Yes,” contact the company using a phone number or website you know is real, not the information in the email.

Most importantly, trust your instincts. If it doesn’t seem right, it probably isn’t. When in doubt, feel free to contact your Whidbey Telecom Support Team at 360-321-TECH (8324) or email support@whidbey.net.