Phishing and Fraudulent Emails
Protecting Yourself from Phishing and Fraud Emails
Phishing targets individuals using social engineering methods to convince them to share passwords, credit data or other sensitive personal information. The most common form of phishing is through targeted emails pretending to be from a trusted source.
What is the intent behind Phishing and Scam Emails?
The main driver behind phishing, fraud and scam emails is an attempt at some level of Identity theft. A scammer may send a phisher email hoping to steal your personal information to take over your credit accounts, open new false lines of credit, or commit any other crimes using your identity. Phishing emails are designed to gain your trust so you share personal information like passwords, account numbers or social security information.
What should you look for in suspected phishing email?
- Generic introductions – Watch for generalizations that indicate an email may not be aimed at you specifically. Phrases like “Dear valued customer”, “Hello (your email address), or a generic “Hi” can indicate an email is suspicious.
- Demands for Action – Scammers often include phrases to make you think if you do not act right now something bad will happen. Watch for phrases like “Urgent”, “Account Suspended”, “Click here to secure your account”, “Open the attached file” or “Act now or lose out”. Similar phrases are designed to create a sense of panic or urgency in the hopes someone will click a link without thinking about the risks.
- Suspicious Links – Always hover over a link to see where the link is trying to send you. It is very easy for a spammer to make a link look like one site, but point to another. In the example below, notice how the actual link is not Google. You can see this by letting your mouse hover over a link briefly.
- Grammer/Spelling – With the advent of AI you cannot always rely on bad grammar or spelling to be present in a phisher, but it is still something to look out for and is a good indicator that you should be cautious.
Tips for Avoiding Scams
- NEVER share your password, credit card number, secret word, pass phrase, or PIN with anyone. No modern reputable business will ask you for this information directly.
- Choose your passwords carefully and keep them safe. Make sure you use a combination of uppercase, lowercase, numbers and special characters when creating a new password.
- DO NOT provide personal information on a Web site unless you're sure it's legitimately managed by the company with which you're interacting.
- NEVER click on a link in an email that requests personal information, because criminals can redirect a link to an address other than the one shown. To visit a Web site, always type the address directly into your Web browser.
- If you receive an email from a company you have an association with, but you are not sure if the email is legitimate, skip clicking any links in the email and go to the company’s website directly. Chances are if it was important enough for them to email you about, it is important enough for them to remind you about when you login to your account on their official website.
What do I do if I've been scammed?
- If you think you've submitted sensitive personal information in response to a fraudulent email, contact your bank or credit card provider immediately.
- If you think you've submitted your EarthLink password in response to a scam, reset you password by visiting https://portal.earthlink.net, click Sign In and then click on the Forgot Password option to change your password.
- Change any associated passwords that may be at risk as well. Treat a potential scam experience as an opportunity to do maintenance on your online presence and create new passwords for your social media, email, banking or other sites that have sensitive information about yourself.
- Consider signing up for an Identity Theft protection service such as EarthLink Protect+ which includes access to Norton 360 antivirus, VPN and firewall toos to make sure your devices are protected and LifeLock identity theft protection which monitors for your information on the Dark Web, provides data breach notifications and pairs you with professionals that can help restore your identity if ever stolen. Read more about EarthLink Protect+ at https://www.earthlink.net/security-privacy/cyber-safety/.
How do I report a phishing email?
If you received an email in your Inbox that you believe is phishing email, you should treat it like any other spam message and report it using the Spam button in EarthLink Web Mail. If you received the message in your phone or computer's email program, you can delete it or forward a copy of the full original message to thisisspam@earthlink.net.
Related Articles
How to Report Fraud, Junk, and Spam Emails
How to Report Fraud Junk and Spam Emails On this page: Why Should I Report Suspicious Email? What is spam? What is Email Fraud or Phishing? Reporting Spam & Email Fraud - Phishing What should I do if I feel like my account has been compromised by a ...Email Abuse
EarthLink provides its customers with as much protection as it can from e-mail abuse. However, if you ever notice an instance of e-mail abuse, we encourage you to report all counts of the abuse and take the steps listed below to help prevent it from ...How to Attach Files to Emails in WebMail
You can easily attach a file to an email in WebMail by clicking the Add Attachments “Choose File” button. Attachments can be any file type as long as they are not bigger than 20MB in size. Login to https://webmail.earthlink.net/. Click the Write or ...Email Full or Email Bouncing
This article explains using Web Mail to clean out your EarthLink email storage space. Cleaning out storage space may help if people are unable to send you email, or you received an error message about reaching your email storage limit. To free up ...Blocking an Email or Domain in WebMail
Blocking an Email or Domain in WebMail You can block an individual email using the Blocked Senders List in EarthLink WebMail. Additionally, you can block all email from a domain, but you should be sure you do not want to receive any legitimate email ...