Look carefully at the display name – Email Address
Ex: the bank doesn’t have a domain called “secure.com”
[box showing an arrow pointing to the From: My Bank,email@example.com>
Look but don’t click
Hover your mouse over any URL links embedded in the body of the email, but don’t click on it. Open a new browser window and type the website to test OR call the company.
Review for spelling mistakes
Emails that are authentic, usually do not have major spelling mistakes or poor grammar.
Inspect the salutation
Beware of emails addressed to “Valued Customer” most businesses will often use your first and last name.
Don’t give out personal information
Look for a “lock” icon at the bottom of your browser and make sure “https” appears in front of the Web address before submitting any personal or financial information this will tell you the information being transferred is secure.
Watch for urgent, unrealistic or threatening language in the subject line
Example: Your Storage is almost full, click here to sign in and verify your email to get more storage OR RPI needs you to put in your username and password to authenticate
NOTE: RPI will never ask for your password
Review the signature
Legitimate businesses will always provide contact details.
Don’t open attachments
If you were not expecting this attachment don’t open it.
Don’t trust the header from email address
Header lines identify particular routing information of the email – you will want to look up how to view header information for your email application
Something doesn’t look right
Even though the message includes convincing brand logos, language and valid email address – if it looks suspicious, don’t open it. When in doubt you can always contact the VCC Help Desk.
Review the article "Steps to follow if you feel your email has been compromised" if you think your account was compromised.