To commemorate National Cyber Security Awareness Month this October, we offer tips to identify email scams
We would like to express our appreciation for customers that report suspicious online activity and emails to the Payza Security Center. Your reports help us to inform all Payza members on how best to avoid such online scams so that together we can keep your personal and financial information safe.
Here we share simple ways to identify a common online scam, referred to as the phishing email, where hackers attempt to obtain personal information such as credit card details, usernames, and passwords. With this information, we are confident you, too, can join our ranks of cyber-detectives and play a vital role in preventing cybercrime.
Need a quick overview and definition of phishing scams? See this Wikipedia entry.
How to Spot a Phishing Email
Cybercriminals are experts at developing fake emails that appear to be authentic messages from reputable companies, government departments, and even family members. Nonetheless, there are traits common to many phishing emails that you can identify within seconds. The following examples are definite “red flags”:
How to identify this email message as fraudulent:
1) Sender appears to be Payza; however, the email URL is @peyza;
2) message contains several errors in English grammar, spelling, punctuation, and page setting; message conveys urgency and need for immediate action, specifically in terms of clicking a link to a suspicious web address;
3) message does not greet you using your full name;
4) message requests personal, confidential information and encourages the reader to provide this information at an unknown web address.
Do I know you? Say my name!
As a Payza member, we will always refer to you using your full name in all email correspondence. Any email that starts with a salutation other than your name listed in your Payza account, such as “Dear Member” or simply “Hi!”, is definitely fake.
What’s the rush?
Emails with urgent calls to action are highly suspicious; for example, “Click on this link within 24 hours or your account will be locked for an undetermined period of time”. Payza will never contact you first with an urgent message; on rare occasions we will respond to your customer support request asking you to take action within a specific timeframe in order to solve your problem.
That email address looks “weird”
Any email claiming to be from Payza but is sent from an address other than @payza.com or @info.payza.com is a fraud. Be careful: some sophisticated fraudsters have found ways to make it look like an email was sent from a Payza.com URL when in fact it wasn’t.
Engrish not so goode
Payza has a dedicated communications team that proof-read our emails to ensure they are—virtually—free of typos. On the contrary, phishing emails often contain several spelling and grammatical errors. A poorly written email with unprofessional paragraph and sentence structure is certainly from a fraudster.
Tell me your details
Payza will never send an email asking for your username and password, let alone your transaction PIN; we store and encrypt your personal information on secure servers, so we never need to ask for this information. Any email asking you to enter personal information, especially after following a link in the message, is a scam. Moreover, we will never send an email threatening to place your account on hold if you do not provide us with your username and password—this example being a common email scam.
If you are ever unsure whether you received an email from Payza or an impersonator, please contact us and send a screenshot of the message; never click on a link or download an attachment sent with the message. We will conduct an investigation immediately and inform Payza People of cybersecurity threats on our blog and social media pages.
Having even the slightest suspicion is enough justification to report an email to us. A moment of your time can make a significant impact in preventing cybercrime around the globe.
- Visit Payza’s Security Center for more tips to help you spot a phishing email.
- All this month we will post more helpful cybersecurity tips on our Online Security section of our blog and our social media pages, so stay tuned.
- Be sure to visit Stay Safe Online, the organizers of the National Cyber Security Awareness Month, for more ways to keep your identity, money, and data protected online.