The email says the Department of Homeland Security (DHS) intercepted a cashier’s check with your name on it and they just need a little information.
At first glance the email looks authentic, with a colorful letterhead and a government address, but when you examine it closely red flags start to wave like a spring day celebration at Tiananmen Square.
Upon further review, the sender’s email address is a Gmail account. If the email was really coming from the Department of Homeland Security, the address would end in .govnot.com.
Then, there are other tell-tale signs such as missing words in the body of the letter.
“Many times the red flags that we see in these phishing emails are misspelling of words or language that normally we wouldn’t use,” said Warren King, president and chief executive of the Pittsburgh Better Business Bureau.
The email asks for your name, address and phone number, along with financial information such as a bank account number or an ATM card.
Remember, a government agency isn’t going to ask for personal or financial information in an email.
“If you don’t know who you are dealing with, never provide that information. Last year, it’s estimated that over 8 million people were victims of identity theft, and this is one of the most popular ways that they steal your identity,” King said.
There are thousands of phishing schemes circulating each month and some of them can be really damaging because they contain viruses or malware that can steal logins and passwords.
If you’re in doubt, just look at the sender’s email address. If it’s not coming from an official address, delete it.