Kingston Police have released a statement regarding email scams, which they hope will help the public stay safe, and avoid being taken in by scammers.
“How can you tell if an email is safe?” asked Constable Ash Gutheinz. “Even if you catch red flags in an email, such as typos or poor grammar, an urgent demeanor, or even a spoofed domain, how can you truly decipher the safety of an email?”
Kingston Police advises that an immediate step you can take is to watch out for one of the most critical tell-tale signs of a scam, or phishing, email: a mismatched or fake URL.
Why is hovering important? What can it do for you?
Hovering over a link not only allows you a moment to think before proceeding, it also gives you the opportunity to see where a link is going to redirect to, according to the statement. This is especially important because not all links lead to where they suggest they may be going.
When you hover over a link, the destination, or email address, is displayed on your screen. It can be seen either right at your cursor, or on the bottom left of your screen. When your cursor ‘hovers’ over a link or email address, take note of the address or email address that is displayed.
When you hover over a link, check for the following to ensure you’re staying safe and secure:
- If the email appears to be coming from a company, does the hover link match the website of the sender?
- Does the link have a misspelling of a well-known website (Such as Micorsoft.com)?
- Does the link redirect to a suspicious external domain appearing to look like the sender’s domain (i.e., micorsoft-support.com rather than microsoft.com)?
- Does the hover link show an URL that does not match where the context of the email claims it will take you?
- Do you recognize the link’s address or did you even expect to receive the link?
- Did you receive a blank email with long hyperlinks and no further information or context?
If you notice anything about the email that alarms you, do not click links, open attachments, or even reply, Kingston Police warn.
Remember, you are the last line of defense to prevent scammers from succeeding and making you, your company, or your organization susceptible to an attack.