You can't trust everything that comes into your inbox, even if it looks or sounds like it came from a friend or family member. That's because scammers and crooks use a technique called social engineering to try and trick you into trusting the sender and falling right into their trap.
I've mentioned social engineering before. It's just a fancy term security experts and hackers use to mean "tricking people to get information." It could be a phone call to an office manager "confirming" an order for over-priced printer toner, or a fake tracking notice for an online order that tricks you into entering your user name and password.
I just received a phishing email on my work account that's a perfect example of how scammers use social engineering to attempt to fool folks into doing something the scammer wants you to do. The email was sent by someone claiming to be a woman named Mary Anderson and regretting that I didn't attend her recent wedding. But, according to the scammer, I'm in luck because the sender is kind enough to share her wedding photos with me.
The very unwelcome email then provides a link to download a few photos from the wedding. That seems harmless enough, but it's anything but.
The "From" email address is the first spot you should look to determine if an email you receive is phony. Even if you recognize the name (Mary Anderson) attached to the sender, a strange email address is a dead giveaway that the email isn't safe. If you don't know the email address, delete the email right away.
The email says:
But, even if you do recognize the sender email address, it may not be safe. That's because scammers will often use contact lists of email accounts they've already hacked to send spam to business associates, friends and family of their previous victims. If you know the sender, keep your eyes out for an overly generic story or something that just doesn't make sense.
For me, the message itself is a dead giveaway and is key to the social engineering aspect of it. It's designed to make me feel like I know the sender, but when I read the actual story, I can tell it's total baloney. I don't know anyone named Mary who got married recently, so I know this email isn't legit.
The in-body link to photos is another major warning sign. Thanks to social media networks like Facebook and Instagram, friends have plenty of ways to share photos from weddings and other important events. Why would someone send me a link to a website I've never heard of? That's a good question to ask yourself if you ever receive an email like this. And, remember, never click a link that comes from an email you don't know and trust.
When it comes to computer safety, it's better to be safe than sorry. That's why you should always install powerful security software on your computer to spot malware and remove it if your computer is compromised. Click here to find free solutions in my Security Center.