After many years of warnings about phishing, most people are wary of suspicious emails fishing for their information. But what if an email seems suspicious but it isn’t?
phishing
A phishing email is a fake email that looks like a legitimate email. For example from a bank or credit card company. The phishing mail fishes for personal information such as your bank or credit card details. You are requested to click on a link or button in the email, usually to re-enter your details. You then come to a phishing website that often resembles a reliable website of the said company. If you type in your data there, it will then be forwarded to the criminals behind the phishing email. With that, they try to withdraw your money or collect all kinds of personal information.
When phishing was still in its infancy, phishing emails were often easy to spot because of their amateurish layout and content. Texts were translated in bad Dutch and a salutation such as ‘dear customer’ appeared regularly. Today, phishing emails and websites are very professional and usually indistinguishable from the real thing.
You can read more about real phishing here >>
Suspicious
It is a well-known phenomenon that when people are extra wary after a number of burglaries in their neighborhood, they are also more likely to label innocent situations as suspicious.
The same goes for phishing. Most people have read about phishing emails at some point and now know what to look out for. So when an email arrives asking you to re-enter account information, an alarm bell goes off. Even if the email looks like an official message from a bank, insurance company or other well-known company. Many people then think of phishing, while it may actually be a legitimate e-mail. Finally, warnings against phishing often say that real companies do not send you personal emails asking you to change your account information.
Nevertheless, certain customers at an insurance company recently received an email with information about a new, more secure online system. The request was therefore also to create a new account via a button in the e-mail. In addition, you also had to keep your online banking details at hand for identification via IDIN. Well, IDIN is an official and secure identification system, but most people don’t know it yet. For many people in such a situation double alarm bells go off.
Another example is a credit card company that sent a letter to its customers through the mail. It stated that, in connection with new EU rules, an appointment had to be made online. At that appointment, someone would come to the door to check the personal details. Here too, quite a few people wondered whether this was all pure on the bone. Because, for example, on the website of the credit card company, there was no information whatsoever about this check.
To check
It is clear that as a company you miss your target if your emails are mistaken for phishing. But that’s the problem with the company that communicates so clumsily. It is more important to you as a customer how you distinguish between a phishing email and a real email from a company. Finally, there is sometimes important information in such an official mail or letter that you do have to act on.
Unfortunately, checking by clicking a button or link in the email is not always secure enough. There are data fishermen who put a lot of effort into their phishing and therefore also thoroughly falsify an entire website. A link or button may even appear to point to a company’s regular website, but such a link can be forged. Just like the sender address of the email. That’s called spoofing.
For this reason, it is wise to go to the company’s website via your internet browser by typing in the corresponding web address. If you don’t know the web address, you can search for the company’s name using a search engine. The associated website will usually appear at the top of the search results. You are so sure that you are coming to the real website. It is then possible to log in safely or create a new account. The website will also often contain information about the content of the e-mail sent. If necessary, use the search box on the site.
Additional control
Genuine phishing emails often become known quickly because they are widely distributed. Keep an eye on the media for messages about this or use a search engine to search for the title or part of the content of the email. When it comes to scam emails in combination with well-known banks and other companies, reports about this usually appear in the media. This does not provide 100% certainty that the e-mail is legitimate.
If you are not sure about such an email after self-examination, simply contact the company in question. Again, you can’t always trust what’s in an email. So surf to the website yourself and see how you can contact the company under Contact. That way you get security.
