Often, the clearest indicator of a scam email is the email domain. The domain is the part of the email that comes after the @ symbol.

Legitimate business emails will almost always have a domain matching the name of the business. For example, when you get an email from us, the email domain is towerbooks.net.

In the scam email to the left, the domain is “@outlook.com” which is a public domain. You should regard any business email from a public domain like “@outlook.com” or “@gmail.com” with a high level of suspicion. Domains may also be similar to the name of the business but with slight inconsistencies or misspellings.

It is also common for these phishing emails to have subject lines that contain words like “critical”, “urgent”, or “alert.”

These words are used by scammers in order to pressure victims to act quickly. Remember to take your time to notice indicators of legitimacy of any email that asks you to follow a link or enter information. Let phrases like “urgent” and “critical” encourage you to be extra cautious.

In this scam email, the subject line is “QuickBooks Subscription Alert!!!”

Grammatical errors and typos are also found in many scam emails. If an email contains many grammar mistakes or simple words that are misspelled, this may be an indication that the email is not legitimate.

Scam emails also tend to be generic. Businesses that you have interacted with in the past are likely to address you by name at the beginning of an email, while scam emails are more likely to begin with “Dear Customer” or another non-personalized greeting.

Staying aware of email domains, urgent subject lines, grammar mistakes, and generic greetings can all help you avoid becoming the victim of a phishing attack.

If you are ever unsure about an email, please do not hesitate to reach out to Jane, and don’t forget to stay cybersmart!