What are phishing emails? How do I recognize a fake email? And what do I do if something like this ends up in my inbox? Here you will find the answers to these questions. Recognizing the characteristics of phishing emails is not that difficult. By the way, the term itself is a neologism, which was formed from the English word "fishing". That means "fishing" - the fraudsters who send you electronic mail want to use it to fish for your private data, access data, your account information or the like. And you shouldn't bite!
Chapter in this post:
What are phishing emails?
An email can be classified as phishing if the sender fraudulently tries to get your data. This data acquisition is not infrequently based on the imitation of an online service such as Amazon, eBay, PayPal or the like. But e-mails from banks such as the Sparkasse are also forged. The logos of the companies, the structure of the mail, the footer and more are often copied in a deceptively real way. At first glance, phishing emails are usually no longer recognizable - because spelling, grammar and umlauts are no longer incorrect in many cases. It is therefore all the more important to take a second and third look at the entries in the inbox.
Common characteristics of phishing emails
Individuals, several or all of the following features can be found in emails from fraudsters who want to fish your data. Keep in mind that the scams and the abilities of the fraudsters can change. The following phishing email characteristics are therefore not the ultimate answer:
- The sender email address does not match the displayed sender (GMX or Gmail address instead of Amazon, eBay, Sparkasse, etc.)
- You will receive the mail at a mail address that you do not use for the service shown (not even as a backup address to restore the account)
- Generic subject such as "customer service", "attention", "reminder" or "your action is required"
- Errors in spelling, grammar, or translation of terms
- Mail arrives directly in another language (such as English)
- Your name is missing from the salutation or your email address is shown instead
- Urgent need for action is simulated (account blocked, blocking is imminent, new regulation will come into force soon, approval of new terms and conditions according to law as necessary, etc.)
- Announcement that data will be requested and that you have to enter it exactly and in any case without errors
- URLs of links in the e-mail (links to text or buttons) are very long and contain a lot of gibberish / or they are very short (bit.ly links)
- Opening the file in the attachment is described as essential for the process (NEVER open files from unknown senders!)
I'm not sure. How should I proceed?
If you are not sure whether you actually have an email from Amazon, PayPal, your bank or another company with a website, stay calm. If in doubt, do not use the link in the email to access the provider's website, but enter it as usual in the web browser (Safari, Firefox, Chrome, etc.). Log in to this real website and then see if there are any indications of the necessary action, a restricted account, new terms and conditions or the like. If this procedure is not the safest for you either, then call the company's customer support / hotline. Real service staff from the real company can also tell you whether the email is real or a fake for phishing.
Recognize examples and act correctly!
If I ever notice a popular phishing case in the media or if such an e-mail flutters into my inbox myself, I will address it here on the blog. Among other things, I have already shown you fake emails that allegedly come from Apple, PayPal or a law firm. In the following articles you will find these examples with the respective analysis of how to expose the received emails as a phishing attempt:
- PayPal email on "Directive 2015/2366 (PSD2)"
- Apple invoice for an App Store purchase that was not made? Beware of fraud!
- Caution: Wetransfer phishing emails are in circulation
- Email warning from the lawyer? That could be phishing!
- DE-SAM32013: Undeliverable package - SMS spam with an expensive subscription!
Information from the consumer advice center and other sites
Here I have put together a few useful links from the web on the subject of the characteristics of phishing emails and the correct procedure for receiving them. These are pages of the consumer advice center, the police and Wikipedia:
- Some of the features mentioned are explained in more detail
- Read mail headers: Here's how!
- Current warnings on the radar
- Phishing doesn't go online
- Definition and information at Wikipedia
After graduating from high school, Johannes completed an apprenticeship as a business assistant specializing in foreign languages. But then he decided to research and write, which resulted in his independence. For several years he has been working for Sir Apfelot, among others. His articles include product introductions, news, manuals, video games, consoles, and more. He follows Apple keynotes live via stream.