One of our customers received a malicious email today, which attempted to trick the user into revealing their password. Fortunately, the user thought the email was suspicious and asked us about it before clicking the link in the email.
We are beginning to see an increase in phishing emails being sent out lately and thought it would be prudent to inform you what to look for in order to protect yourself from this common threat.
A phishing email is an email that attempts to trick the user into divulging their password(s) by pretending to be someone else. The email will usually say that your account has been ‘flagged for suspicious or unusual activities’ and your password must be reset in order to protect your account. The email will then ask you to click on a link in the email to reset your password. When you click this link, a website that has been designed to appear legitimate will open and prompt you to enter your old password and your new password. Once you click submit, your current correct credentials are sent to the phisher who then uses them to access your account and commit whatever nefarious deeds they would like.
Here are some other red flags to look out for in phishing emails:
- Misspelled words
- Bad grammar
- Threats of suspension/termination of account
- Account needing human verification
- Anything asking you to click a link in the email
- Anything asking you to open an attachment
Localloop will never ask you to reset any of your passwords via email. In fact, almost no company will reset your password without you requesting it. There are some exceptions to this. If a company experiences a data breach or hack, they will sometimes pre-emptively reset every user’s password and send out an email notifying users. However, if you think this is the case, it’s easy to confirm by pulling up the company’s website instead of clicking the link in the email.
The bottom line is if you receive an email asking you to click anything to reset your password, it is more than likely a scam and could cause damage to your computer or allow a third party to access your account. Please call Localloop at 478-453-8324 if you receive any of these emails and we will be happy to check to see if they are legitimate or not for you.