Trusted Bookkeeping Services

Blog

Learn about our outsourced bookkeeping services, get tips on accounting for small businesses, and more from the Tower Books blog.

How to Spot a Phishing Email

Unfortunately, scam emails are becoming more prevalent, so it is important to be vigilant about cyber safety. In particular, we’ve seen an increase in emails from scammers modeled to look like they’re coming from Intuit. These emails can contain convincing logos and appear very similar to legitimate communications from the company. Intuit publishes a list of all of the email scams that have been reported to them. It could be helpful to cross reference an email you are feeling unsure about with this list to check for similarities. https://security.intuit.com/security-notices

 
 
 

Often, the clearest indicator of a scam email is the email domain. The domain is the part of the email that comes after the @ symbol.

Legitimate business emails will almost always have a domain matching the name of the business. For example, when you get an email from us, the email domain is towerbooks.net.

In the scam email to the left, the domain is “@outlook.com” which is a public domain. You should regard any business email from a public domain like “@outlook.com” or “@gmail.com” with a high level of suspicion. Domains may also be similar to the name of the business but with slight inconsistencies or misspellings.

 
 
 

It is also common for these phishing emails to have subject lines that contain words like “critical”, “urgent”, or “alert.”

These words are used by scammers in order to pressure victims to act quickly. Remember to take your time to notice indicators of legitimacy of any email that asks you to follow a link or enter information. Let phrases like “urgent” and “critical” encourage you to be extra cautious.

In this scam email, the subject line is “QuickBooks Subscription Alert!!!”

Grammatical errors and typos are also found in many scam emails. If an email contains many grammar mistakes or simple words that are misspelled, this may be an indication that the email is not legitimate.

Scam emails also tend to be generic. Businesses that you have interacted with in the past are likely to address you by name at the beginning of an email, while scam emails are more likely to begin with “Dear Customer” or another non-personalized greeting.

Staying aware of email domains, urgent subject lines, grammar mistakes, and generic greetings can all help you avoid becoming the victim of a phishing attack.

If you are ever unsure about an email, please do not hesitate to reach out to Jane, and don’t forget to stay cybersmart!