To our clients, you can now find the online portal link underneath the "Client Center" tab.

Telltale Signs of Email Phishing Scams

Learn the signs to look out for in email phishing scams so you can safeguard your confidential financial and personal information.

Phishing emails are a regular tactic used by cyber criminals to steal your personal information, such as your online banking login credentials.

Some red flags are easy to spot and will quickly alert you to the fact that you are the victim of a phishing attempt. In other cases, phishing is harder to discern.

As cyber criminals become more and more creative in their attempts to steal users’ personal information via email, awareness and understanding what to watch out for become the best defense against cybercriminals and their schemes.

But first, what is Email Phishing?

In this form of online scam, cyber criminals impersonate someone you know or a legitimate organization, like the CRA or your banking institution.

Typically, phishing emails contain an urgent call to action and link that, once clicked, will direct you to a website to confirm your personal data, account information, etc. These links which lead to fake websites are designed to steal your personal information or infect your device with malware.

Phishing emails can also contain unexpected or suspicious email attachments, that when downloaded, may cause your computer to become infected with a virus, which compromises the security of your computer.

How do I know an email is a phishing scam?

Many phishing email attempts end up in your spam folder, but spam filters aren’t enough to keep out phishing scams from your inbox.

Some telltale signs of email phishing include:

  • Unknown sender or email recipients that you don’t recognize
  • Misspelled or incorrect sender name and/or email address
  • Mismatched sender name and email address (e.g. – The email comes from “Microsoft” but the sender’s email address uses a Google domain like example@gmail.com)
  • Generalized or missing salutation (e.g. – “Dear Canadian Taxpayer”)
  • Typos and other spelling and grammatical errors in the subject and body of the email
  • The tone is not consistent with that of the sender
  • The language used is urgent or menacing and there is an impending deadline mentioned (e.g. – “this attachment will expire in 24 hours,” “you have an unpaid invoice,” you need to “verify” personal information”)
  • Strange, unusual, or unsolicited request or the content just doesn’t make sense and asserts something ridiculous
  • You did not subscribe or consent to receiving the email communication from the sender
  • Odd layout and bad quality images
  • The link in the email doesn’t match the URL when you hover on it with your mouse
  • The included attachment has a strange name or file extension
  • The email went directly to your junk or spam folder

It’s important to note that the above isn’t an exhaustive list of all the warning signs of phishing emails. Phishing emails can be so sophisticated that only contain one or a few signs listed above.

Be proactive, not reactive!

Cybercriminals are always looking to innovative and more sophisticated ways of impersonation and duping unsuspecting victims to give up their financial information.

When you’re evaluating whether an email is a phishing attempt, some questions you can ask yourself include:

  • Do I recognize the sender’s name and “From” email address?
  • Does the email’s subject line or body include typos or grammar mistakes?
  • Does the sender’s email address match the name in the “From” field?
  • Do I recognize the recipients included on this email?
  • Does the email have a call-to-action such as clicking a link or downloading an attachment?
  • Is the email asking me for personal information, such as my SIN number or bank account login?
  • Did I sign up to receive this communication from this sender?
  • Is the layout or image quality odd?

As a general rule of thumb, be suspicious of all links and attachments and think first before clicking.

If you ever get a suspicious email from someone claiming to be a reputable company, friend, or acquaintance, it’s always best to contact the organization or individual in question immediately to confirm whether the email is legitimate before proceeding.

One thing to keep in mind is that just because you receive a phishing email doesn’t mean your personal information has been compromised. Email phishing scams are only successful when their targets click on malicious links or download harmful attachments.

Rothenberg Capital Management will never ask you to provide confidential or sensitive information through regular e-mail. If you receive an email from us requesting that you provide information such as your account numbers, PIN, or password, please do not respond and notify us by sending an email to: inforequest@rothenberg.ca.