Passwords and IDs hold high value with cyber criminals. Sending phishing emails to a lot of random email addresses is one easy way scammers steal information from unsuspecting people. It's probably a phishing email if:
- The email is poorly written with misspellings and incorrect grammar, or a familiar company name is misspelled.
- Your name isn’t in the “To” line. This email has likely been sent to thousands of people.
- The sender’s email address is suspicious. It might have a familiar company or government organization that is misspelled.
- The email doesn’t use your name. Any financial institution you have an account with knows your name. Emails beginning with “Dear valued customer,” “To Whom It May Concern,” or even “Hello,” could signal a scam.
- The URL is a fake. Hover over the “Click here” or “Take action now” link with your mouse. If you see a strange URL instead of a legitimate company website, don’t click.
- You’re informed that there’s a security breach on your account, and if you don’t take the action recommended in the email, your account will be temporarily suspended.
- The email asks for your personal, credit card, or online account information, or it takes you to a website that asks for this information. Legitimate companies don’t usually do that.
If you receive a suspicious email:
- Don't open it. Delete it immediately.
- Don't follow any links in the email—even if it's to "unsubscribe" from the sender—or open any files attached to it.
- Western Union will never send you an email asking for your ID, password, or personal information. If you're not sure whether an email is from Western Union or not, don't open any links, click on any attachments, or provide any passwords or user IDs.
Forward the email to firstname.lastname@example.org and then delete it.