Phishing emails are designed to look like they come from a trusted and well-known company that you do business with on a regular basis. However, these emails are created by criminals to mislead you into providing your personal information such as usernames, passwords, credit card, bank account or social insurance numbers.
Responding to, clicking links in or opening files attached to these emails can provide these people with personal information that could lead to identity theft and other illegal purposes.
Phishing scams may even use corporate logos, colours, and legal disclaimers to make it appear as though the email and website are real; recognizing phony emails and knowing how to proceed are key steps you can take to protect yourself.
The email you’ve received may be a phishing attempt if one or more of the following are present:
- Prompts to “update,” “validate,” or “confirm” your account information
- Misspelled or incorrect website address (URL)
- Requests for immediate action. For example: “Your account will be suspended within 24 hours if you don’t click here.”
Here are some general tips for staying safe when checking your emails:
- Beware of unsolicited messages that contain attachments. Contact the company directly to verify the contents of the email and the attachment before opening it.
- Beware of links in emails. If you see a link in a suspicious email message, don’t click on it. Rest your mouse (but don’t click) on the link to see if the address matches the link that was typed in the message.
- In the example below the link reveals the real web address you would be taken to, as shown in the box with the yellow background. If the URLs in your email do not match, or the second URL is not from a domain or company you are familiar with, this is a good indication that this is a phishing email.
- Links might also lead you to .exe files. These kinds of files are known to spread malicious software.
- Keep previous email history in mind. If you have received reliable and valid emails from the company, compare these messages to the email in question. If you have not had previous emails or contact with the company requesting account information, it could be a phishing attempt. If you are unsure about any email, contact the company directly and speak with a representative.
Xplornet does not send customers emails asking for passwords, account numbers or personal information. If you receive an email asking for any of the above, please let Xplornet know by sending an email to our Customer Care team at firstname.lastname@example.org
What you’ll find here
How to identify a phishing email.