If you want to protect your credit card information and protect yourself from becoming a victim of identity theft, it’s important to understand what phishing emails are. When you know how to spot them, you can avoid letting scammers get your account login access, credit card number, and more. Let’s take another look at phishing emails, why they’re so dangerous for consumers, and how you can identify them so you don’t become a victim.

Why Phishing Emails are so Dangerous

Phishing emails are sent you by scammers in an attempt to gather your login information, credit card account information, or other personal information. They are designed to look just like a legitimate email, and are fraudulent versions of emails from real companies — like your bank, credit card company or favourite retailer.

Once a scammer gets your personal information, they can use your credit card (perhaps online) or they can apply for new cards. Either way, you become a victim of credit card fraud.

How do they get this info from you? When they send an email that looks like it comes from your bank or credit card company it’s designed to get you to log into a fake account. You’ll only get an error message. But they get your login credentials for the real site which gives them your balance and other account information.

With a fake email from a retailer, the idea is to convince you to click a link and make a purchase. You’ll never actually receive the item. It’s a fraudulent site set up to look like the real one, and the only purpose is to get you to enter your name, address, credit card information, and other personal info.

Phishing Emails or the Real Thing: How to Tell the Difference

You can’t stop all phishing emails from getting to you. But you can tell the difference between them and the real thing if you’re careful. Here’s how:

1. Never click a link in an email without checking it out first. That’s especially true if the email looks like it comes from a financial institution or it’s trying to get you to buy something.
2. To check out a link, put your mouse pointer over it but do not click it. At the bottom of your email or browser window you should see the full website address appear. This tells you the destination of that link. Make sure one that looks like it comes from your bank really does. For example, the address should start with “yourbank.com.au” and not something that simply includes that bank name like “yourbank.xyz.com.au.” In that second case the email is not from your bank’s website, but really from xyz.com.au (the real site is always the part coming right before the “.com.au” section of the address).
3. Bypass questionable links. For example, let’s say you get an email with a great deal on a product from your favourite store. Sometimes links have all kinds of promotional tracking code worked in. If the link looks odd to you, ignore it. Instead open your browser and manually visit the homepage of the retailer. Then search for the product by name. If you can’t find it on the site, there’s a better chance you received a phishing email trying to scam you.
4. Look at the logos and other design elements in an email. Phishing emails often rip low-quality images off of the real thing. And the quality issues sometimes give them away. If the logo isn’t sharp and clear, go to the site manually instead. This isn’t a sure fire test since it’s possible to rip higher quality images too, but it can be an obvious warning sign in some cases.
5. Check the sender’s email address. Is it a normal email address for your bank? For example, support@yourbank.com or billing@yourbank.com are going to send legitimate emails. On the other hand, yourbank@xyz.com is a more likely scam attempt. Your bank or retailer doesn’t have to have another company host their email for them. It should be attached to their own site name in the “.com” or “.com.au” portion of the email.

Are you worried you might have already been a victim of a phishing email? If it happened very recently, immediately log into your accounts and change your passwords. This enables you to stop further access to your accounts. Check to see if there has been any unusual activity, and if so report it to the company. If you feel that you may have inadvertently given your credit card details to a scammer, immediately log into your account to see if any unauthorised purchases were made. Report the issue to your credit card company. They may issue you a new card and cancel the old one as a precaution.

You might also be able to report the emails to the real companies being mimicked. Some have fraud departments where you can forward the emails. You may not have the ability to hire legal help to go after the scammers but many companies do, and they don’t want scammers using their names to hurt their customers. Just remember to be proactive when you get commercial-looking emails, and you can protect yourself from phishing attempts.