Login to a Known Web Site Instead of Clicking Email Links
A recent PayPal email had a “My Account” button that would have compromised my password. You can long press the button on your phone, or hover your mouse over the button on your computer to see the link was not to PayPal. It’s easier to just delete the email, go to www.paypal.com, and log in to see if there is anything unexpected.
This same approach should be used for emails from any service provider, just login to their website instead of using the email link. See the examples below – click on the image to enlarge.
The email has a realistic look, but the From email looks wrong.
Checking the link, it is not to paypal.com
Example phishing email that appears to be from Quick Books. Note the From email looks wrong.
Example phishing email that appears to be from Geek Squad. The goal is often to let your emotional reaction to a charge you know is wrong to override your rational thinking. Just follow the rule to delete the email and call or login to bestbuy.com
The number given in the email is not Best Buy. Always look up the number yourself.
