If you’re reading an email that appears to have come from a reputable source, but it’s riddled with grammatical errors and prompting you to act quickly, be very careful. It’s likely a phishing attack.
Phishing attacks typically begin with fraudulent emails that appear to come from legitimate entities. However, the messages are designed to trick you into divulging sensitive information which the perpetrators want to use to steal your identity and rob you of other valuable savings and assets.
With more criminals taking advantage of the internet to phish for personal data from unsuspecting victims, you have to keep an eye out for their hooks and learn how to stay protected.
Fraudsters are always improving their techniques, but there are common things you should always consider when reading your emails, even when it’s from someone you know well, or from a company you do business with often.
Always be suspicious of:
- Emails that ask you for your personal information such as your date of birth, mother’s maiden name, Taypayer Registration Number (TRN) or Social Security Number (SSN), account balances, address etc. JN Bank will never request this information via email.
- Emails with an urgent call to action. Do not be intimidated by an email which suggests dire consequences if you do not immediately provide the requested information or conduct a particular action.
- Look out for grammatical errors and analyse the tone of your emails because more often than not, a phishing email will include suspicious elements such as different fonts, missing words and letters or terribly constructed sentences.
- Inconsistencies in email addresses and domain names. You should always check if the address being used to communicate is one which you would normally do business with. It’s always best to directly go to a website to find out if you really need to do what the email is asking of you. Genuine emails from JN Bank, for instance, only end with @jnbs.com, @jnbank.com, @jngroup.com, @jngijamaica.com, @jnfunds.com, @mcsystems.com, @jncayman.com.ky, @calljaa.com, or @marketing.jngroup.com. Any other variation is not legitimate
- Emails with generic greetings. Words like ‘client’, or ‘consumer’ may be a sign that the email is part of a mass phishing attempt, rather than a personal message from an official/legitimate source. This is not always the case but read the message carefully before taking any action it requests of you. Some entities will set up their systems to personalise messages being sent to customers, so if you get one with a generic salutation, verify it. It won’t harm to be certain.
- Emails with suspicious links and attachments. Do not open attachments or click on links until the email has been verified. You should check the legitimacy of the link by hovering over it in the email to display the actual URL. Check to see if the hover-text link matches what is in the text, and whether the link looks like an approved address with which you would normally do business.