Phishing and Spam is an increasing problem for those of us who use email every day. Sometimes these messages are hard to decipher from legitimate emails. Here are some practical steps and articles on how to identify phishing/spam emails and how to avoid falling for these scams.
- Spelling and bad grammar. Cybercriminals are not known for their grammar and spelling. Professional companies or organizations usually have a staff of copy editors that will not allow a mass email like this to go out to its users. If you notice mistakes in an email, it might be a scam.
- Beware of links in email. If you see a link in a suspicious email message, don't click on it. Rest your mouse (but don't click) on the link to see if the address matches the link that was typed in the message. In the example below the link reveals the real web address, as shown in the box with the yellow background. The string of cryptic numbers looks nothing like the company's web address.
- Links might also lead you to .exe files. These kinds of file are known to spread malicious software.
- Threats. Have you ever received a threat that your account would be closed if you didn't respond to an email message? The email message shown above is an example of the same trick. Cybercriminals often use threats that your security has been compromised. For more information, see Watch out for fake alerts.
- Spoofing popular websites or companies. Scam artists use graphics in email that appear to be connected to legitimate websites but actually take you to phony scam sites or legitimate-looking pop-up windows. For more information, see Avoid scams that use the Microsoft name fraudulently.
- Cybercriminals also use web addresses that resemble the names of well-known companies but are slightly altered. For more information, see Protect yourself from cybersquatting and fake web addresses.
This information came from Microsoft. The full article along with a couple other helpful articles are linked for you below:
Please remember that the Moxi Works teams will never ask for your password via email or a webform and will avoid asking for this over the phone unless unless as a last resort.