Phishing Emails

Scammers don’t have to know much about you in order to end up in your inbox. Phishing emails can be deceiving because they often appear to be from a reputable company or even someone you know. If you look closely at your inbox, there will be a few signs that give away a phishing email's malicious intent.

Whenever you receive an email from a company or website that is asking you to confirm something, whether it be your email password, a two-factor code, or other personal information, there are a few things you should ask yourself.

Are there grammatical or spelling errors? It‘s unlikely that a company has launched an email campaign or set up automatic emails without noticing these types of mistakes. This can be an obvious sign of a phishing attempt.

It‘s unlikely that a company has launched an email campaign or set up automatic emails without noticing these types of mistakes. This can be an obvious sign of a phishing attempt. Where did the email come from? The sender’s email address should verify and connect the email to the company. For example, a ShapeShift email will come from mail@shapeshift.com and should never be confused with an email address that might closely resemble that.

The sender’s email address should verify and connect the email to the company. For example, a ShapeShift email will come from mail@shapeshift.com and should never be confused with an email address that might closely resemble that. Have they provided links? Where do these links lead? When creating a hyperlink, scammers can use whatever display text that they want. Even if a link looks legitimate, hover over it to see if the text matches the link that they provide. If it does not match or the link looks suspicious, they are likely leading you to a phishing website.

When creating a hyperlink, scammers can use whatever display text that they want. Even if a link looks legitimate, hover over it to see if the text matches the link that they provide. If it does not match or the link looks suspicious, they are likely leading you to a phishing website. Are they asking for any personal information? Scammers value personal information above all else, including, but not limited to bank information, addresses, important dates, social security numbers, and credit card numbers. They may even pretend to be asking security questions to protect your personal accounts! Answers to these types of questions can help them guess passwords or gain access to your accounts. If a company is asking for your personal information via email, always proceed with caution. Or better yet, demand strong authentication before proceeding.

** Never share your crypto private keys via email whether you trust the recipient or not.