We are often told not to open “suspicious links” when we receive a strange email from someone we don’t recognize. But how do you know if a link is suspicious? We’re going to over a couple easy tips that will help you recognize the red flags of a suspicious link.
How phishing works
Phishing occurs when scammers create web pages or emails from what appears to be well-known and trusted businesses (like Netflix or your bank). The goal is to trick you into sharing sensitive data, such as credit card numbers, bank account information, social insurance numbers and passwords that will be used to commit fraud.
Phishy links or attachments
Phishing emails often include a link or attachment that will take you to an unknown website or begin a download. Clicking a link in a phishing email could expose your personal information to the scammer or make your device vulnerable to malware. It’s important never to click on any links or open attachments if you suspect the email may be a phishing attempt.
How do you know if a link is suspicious?
- The email is asking for personal info. Always be wary of emails from financial institutions, Internet/cell phone service providers or anyone asking you to provide personal info and then provides a link to do so. If in doubt, call the company directly and ask them to verify the email.
- The hover trick. Sometimes scammers make it appear as though a link is taking you somewhere legitimate (example: www.netflix.com), but what it’s really doing is taking you somewhere else. An easy trick to spot a suspicious link is by hovering your mouse over it. A little box should appear that tells you where the link is actually taking you. Test it out on the link we shared above.
- It’s from a friend, but it’s out of character. Malware or phishing attempts can even come from your friend’s email addresses if their computers have been hijacked. If the email seems out of character or a little odd, don’t open any links or download any attachments – contact your friend and find out if they actually sent it.
Did you like this? You might like these posts too!
How long will it take a hacker to crack your password?
Do you know what to look for in a privacy policy?
10 easy tips to protect the personal info on your phone
How to stay safe and savvy on public Wi-Fi
About Consumer Protection BC
We are responsible for regulating specific industries and certain consumer transactions in British Columbia. If your concern is captured under the laws we enforce, we will use the tools at our disposal to assist you. If we can’t help you directly, we will be happy to provide you with as much information as possible. Depending on your concern, another organization may be the ones to speak to; other times, court or legal assistance may be the best option. Explore our website at www.consumerprotectionbc.ca.
sometimes I get an e-mail from an unknown person but I think I should know about the e-mail. e.g. a reply to an invitation that has been sent to a person I am not known to but their daughter replies instead of the person in question. I do not know the daughter and the subject line doesn’t tell me anything. How do I tell if it’s real or a scam?
Hi Ruth, thanks for your question. If you’re unsure, get in touch with the person you know from this situation (there must be a connection somewhere for an invite to be sent to your email address) and find out if it’s legitimate or not. If you don’t have anyone to get in touch with to confirm it and can’t validate it through any other means, it’s best to be on the safe side and ignore it. I hope this helps!
whenI hover over a link on my computer it does not do anything..
Hi Verna, thanks for asking a question here! This may be different for various internet browsers. For example, on my Google Chrom and Internet Explorer, when I hover over a link the actual link address shows up on the left bottom corner. It’s quite small and subtle so you may have to watch it closely. I hope you can find it as it is certainly a useful tool!
I use a Mac and when I receive an odd email that is supposedly from a person or organization I know, I click on the “From:” alias to see the actual email address the message is from. This often reveals some bogus address that I am NOT familiar with. After that, it’s a simple matter of .
Hey Bill, great tip. That’s a great way of detecting a phony sender. Thanks so much for sharing!
This has been my method as well. and I’ve found it very effective.
I would like to talk about legitimate companies who have gotten into the habit of sending emails that look like they could be spammy. With cyber safety being such a huge issue these days could we please get people to stop sending PDFs with gibberish names and no body in the emails like ” Hey, here is the ______ that you requested.” I manage a generic email for a company and I will not open documents I dont know who or what they are and have deleted an important email at least once as it came from a gobblygook email and had a gobblygook PDF name, it was only after it was resent I realized what it was. Come on people it does not take that long to appropriately name your PDF and write a quick email message!
Hi Heather! Great points. It can be difficult to tell if the sender is legitimate when the email has limited info. On the flip side, some phishing attempts are so sophisticated, that they’re nearly impossible to detect. Thanks again for your comment!
Great tips. I’ve been using the mouse over link method for years now. I always look out for the domain (e.g. google.com) to make sure it is legitimate and will mostly ignore the remainder of URL after that. However some websites rely on third party email delivery service (e.g. Mailchimp) to send emails on their behalf so it is not always obvious.