This article will give you some simple ideas and things to look out for on how to avoid internet scams and phishing attacks, from visiting websites, receiving phishing emails and perhaps messages to your personal website.

Online scams have always been a big deal. However, in recent years things have gotten considerable worse. Personally I have noticed a massive increase in fraudulent emails, phishing attacks and blunt force password attacks.

How to Avoid internet scams & phishing attacks

Fraudulent Emails                                                               

Fake emails have evolved a great deal over the years, going back a few years they were very easy to spot. They were usually riddled with spelling mistake, and any images included were clearly of a lower equality and distorted is some way. However, more recently they’re becoming difficult to differentiate from genuine emails.

Despite them looking much more legit, there are still a few obvious things to look for. Genuine emails will often start by using your name, or perhaps your email, they will be personalized in some way. Fake emails are sent out on mass, and they will not be personalized in anyway.

The return email address is also something to lookout for. The below image is a real email example I received. Claiming to be from Amazon, but the return email address suggests otherwise. If this was an genuine email from Amazon, it would very likely include Amazon in the address (Amazon.co.uk). It would also be a clean address, meaning no unnecessary numbers or letters.

Fake fraudulent email example.

Emails claiming you’ve been hacked

I have had a few of these. Mostly these are just sent out randomly to any email address that they are aware of, hoping to get someone to take the bait. Other times you may receive them due to a partial hack. If you have ever used an unprotected wifi connection, such as one at a coffee shop, it’s highly likely there was someone on one occasion that was attempting to gain access to unencrypted data, including emails and passwords. This is only a risk if you signed in to any kind of account.

This personally happened to me, they did get my email and password. However, it was only login information that was used for an account that wasn’t sensitive or important. However, the email I received from the hacker claimed that they had access to my email account, which I knew was untrue. The message here is, don’t log on to any important or sensitive accounts from an unprotected wifi connection.

Fake Websites

To avoid fake websites entirely, never click on a link from an email or elsewhere to access a particular website. For example, if you want to access your PayPal account, bookmark the genuine website, or search for it using a search engine such as Google. Fake websites should never appear at the top of the search rankings. With that being said, I have heard of fake websites being promoted via paid advertising, which should never happen, but there could be a rare occasion.

While on a website you can also perform a couple of checks. Check that it is secured with an SSL certificate, a fake website is unlikely to have a valid SSL certificate. Most importantly, check the actual website URL. So PayPal’s URL is simply (paypal.com/uk/home) fake websites will either have a completely different URL, or something similar but different in some way, with random letters and/or numbers mixed into the URL, the URL will not be clean like the genuine URL.

Genuine Paypal URL
Genuine Website

These are some quick ways that can determine if you’re dealing with fake or genuine emails and websites.

WordPress Security Tips