I consider myself to be pretty Internet savvy. I grew up on the internet, I used MSN and Chat Roulette, and I made a website on Pizco. I know about Internet safety through and through. But I still almost get tricked by email scams. No one is safe, and everyone has a moment of lax judgement which could lead to a lot of trouble for you. Even the best spam filters aren’t flawless and these scammers are getting better at avoiding them. So here are 4 instructions to avoid getting a virus from an email. I’ll be using the following email I got from “PayPal” as an example, since it almost got me this morning.
1. Don’t panic
This is the most important part. Most of these emails will feed off your fear of getting scammed to create a panic. When you panic, you don’t look for clues that it’s not a real email. This email in particular came from PayPal, which I use regularly. It looked really convincing, using the same colors and layouts that PayPal uses in their actual emails. It also said that it was from PayPal. It all looked legit. And for a split second, I panicked. Especially as a student who doesn’t have the most money in the world, even $31.50 is nothing to sniff at. I assumed I got hacked. The following tips are only going to work if you don’t panic, and take a minute to inspect the email before clicking on anything.
2. Don’t trust the “sent from” name
One of the things that almost got me was that it said it was from PayPal. I didn’t think my email would allow an email from an email account named PayPal if the email address itself wasn’t also very clearly a PayPal email. So I believed it for a second. But if you open Contact Info, you can see that email is just nonsense.
The email address has nothing to do with PayPal, that’s just the name the scammer gave the email address, so it would say it’s from PayPal when it’s not. Note that this trick can be used with anyone’s name. I keep getting emails from my friend Joe, with both his first name and last name in the contact name. But when I open the contact info, it’s not from him, it’s a random email address I’ve never seen before. Basically, just because it says PayPal, doesn’t mean it is PayPal. Blacklist this email so you don’t get anymore from them specifically. If it’s from someone you know, and the email address is actually their email address, try contacting them through something else (text, call, real life, etc) and let them know their email might be hacked and to change their password.
3. Carefully check every detail in the email
While the format was identical to a normal PayPal email, there were some details they got wrong because they couldn’t know it. For example, it says that the card used for this transaction was a MasterCard, but I don’t have a MasterCard, let alone use it with PayPal. Those numbers are also not in my real credit card number at all. But because it’s in the right spot and formatted the right way, it would cause panic unless you really looked and thought about it.
4. Do no click on any link in emails. Ever.
This is your last resort to not get tricked by an email scam. Note all the possible links in that email. There’s a log in link right at the top of the email. I can click the Transaction ID, which you can normally click to view the transaction on the website. I covered it, but I could also click on the email that I apparently sent this transaction to. There were also links at the bottom for accessing my email preferences. Now, I didn’t check them all, but I would pretty confidently guess that they all lead to trickery. Your best bet in a situation like this, if you couldn’t find any of the previous give always, it to check your account separately. Open the website in a different tab and check it there. Do not click any links, and if you do, DO NOT GIVE ANY PERSONAL INFORMATION WHERE THOSE LINKS LEAD. No names, no usernames, no passwords, not security question answers. N O T H I N G. They will use that information to actually hack your account. I went to my PayPal account and immediately saw that there was no transaction. Another way to check is preview the link before clicking. On a phone, you simply tap and hold the link for a couple seconds. This will appear.
Then you can preview the link, and you can clearly see it’s not a PayPal link at all. For desktop, you want to right click on the link and then select “Copy link address”. Then paste the link into something that is not a URL bar. I recommend just opening Notepad and pasting it there. Then you can see if the link is legitimate without risking opening it.
So like I said, these tips only work if you don’t panic on receiving the email. If something seems wrong, just assume it’s a scam. Don’t overreact and just take a closer look. Good luck and later days!