Follow These 2 Rules to Spot Nearly Every Phishing Scam

July 7th · 2 min read

Did you know that scammers are expected to steal over $2 billion in 2020? The new methods, tactics, and abilities of scammers and hackers cause more and more people to fall victim by the day.

Think you already know how to spot scams? That you will never click on a phishing link? Think again. Phishing scams are evolving by the second and becoming much harder to spot. 2 simple rules will help you tell almost any phishing email apart from legitimate emails.

1. Check the Domain Names and URL's

This is probably the MOST important rule spotting a phishing email. When a company or business sends out emails, you will see the root domain name in the email, e.g., yourfriends@guard.io. When a company or business sets up their email system, privacy settings are set up to prevent spoofing.

Spoofing: Falsifying the identity or source of communication or other interaction by modifying an IP address, MAC address, or email address.

This is done so that cybercriminals won't be able to send emails on the company's behalf and perform scams using the domain name. What scammers do to make the domain appear as the original, is to create domains that contain the original domain name: guard.io.emailsfromscam.com. In this case, the domain name sending the email is actually emailsfromscam.com, but when looking briefly, a user will see the guard.io and move on.

That's why it's critical to inspect the domain name and links closely:

  • Legitimate domain: amazon.com / products / hats / blackhats
  • Phishing domain: amazon.com.hatforsale.pro/ hats / blackhats

Go by this rule: Look for the root domain name, which comes after the second-to-last dot but before the first slash.

2. Don't trust the email design

It's pretty easy for scammers to steal an entire design of a website or email. The logo, the social signals, all of it. A phishing email is created with certain tactics:

  • Trust: Scammers aim to gain trust by impersonating a personal contact or company. A hacker can copy the exact format of a login form and send you to give away all your information.
  • Verify: Scammers tend to request verification procedures that lead to websites they have created. This is why you must always hover over links to see where they lead you or use a browsing tool like Guardio to block out phishing scams even if you click.
  • Emotions: Pressing the right button can make people take specific actions.
  • Urgency: By creating a sense of urgency, a scammer can get you to make decisions without thinking.

To sum things up, look closely where the email came from, and where it leads to. If this post stressed you out, and you want Guardio to take your worries away - begin our free trial and see what it feels like to be worry-free.

Clean up your browser and prevent future scams

Protect yourself from phishing & malware, begin with a free scan.

Be the first to know!

Subscribe to our exclusive mailing list and get the freshest stories from the Guardio team