Email Security

TLDR

Don't click on any links or download attachments from emails
If you need to interact with an email, always verify the sender first

Phishing

The easiest way to avoid phishing and scam emails is to never click on links in emails or interact with them in any way. Typically, any important information about your financial or social media accounts can be seen by closing out of an email, opening the legitimate app for that account, and checking your messages through that app.

There are times, however, where you may need to click a link in an email or interact with it in another way. Knowing how to spot a phishing email is one of the most important skills for keeping your accounts and data secure. Watch out for the following attributes in emails:

An offer that is too good to be true - "hi, i'd like to give you 500 million dollars, just click this link!"
A sense of urgency, tempting you to click a link before you think about it - "Your bank account is over-drafted, click here right now or we will send you to prison!"
Poor grammar or frequent misspellings - "helo, this is macrosoft support. we need acess your computer to remov virus"
Requests that you were not expecting - "Your subscription to GeekSquad for $300 has been accepted! Call this number to cancel: 1-800-ThisIsAScam"

Verify the Sender!

Sometimes, a phishing email may not have any of the above qualities. That is why it is important to always verify the sender before clicking a link or acting on any request in the email. To verify a sender's email address, look at the email address contained between the < > characters in the email header. An example from my spam inbox is highlighted below, where the sender's email address is a hotmail address. Why would someone from the "student loan department" be using a hotmail address?