Skip navigation

Stay on the lookout for these phishing red flags

Ting tip

Quick tips to get the most from your phone, your favorite apps and your Ting service. No fluff. Just the tips.


Get educated on the basics of phishing

With phishing scams becoming more commonplace every day, it’s best to brush up on major phishing red flags so you can spot a suspicious email when it lands in your inbox.

Phishing is an attempt to get hold of personal, financial or otherwise sensitive information like account numbers, usernames and passwords. A successful phishing scheme will get people to volunteer information by camouflaging itself as a routine communication, often an email message, from a trusted source like a bank or a colleague.

Phishing emails and messages can have all the look and feel of a regular communication, but there are a few giveaways to look out for. Never volunteer to share personal information like passwords, usernames, account numbers or work log in credentials through email. If something ever feels phishy (as it were), chances are it is.

Here are some common red flags that may indicate an email or message isn’t what it seems.

It asks for accounts or passwords

Phishing schemes typically ask for personal information. If you ever get an email that asks you to reset your password immediately, it’s wise to avoid clicking through any links provided in the message. Bad actors will often create incredibly convincing replicas of things like a banking site in order to phish logins and passwords.

Account security can be easily confirmed through trusted channels and services directly. So, let’s say you get an email that appears to be from Twitter about your account security. The email suggests resetting your password and provides a link to do so.

Here’s an easy, safe way to determine if your account is secure. Open a browser window, and log in to your Twitter account as you normally would. If you get in, there’s no issue. You can reset your password if you choose… just not by clicking on a link from an email. At least, not one you didn’t expect.

It has an urgent feel

Phishing messages will try to rattle recipients by suggesting action must be taken immediately. The messaging will make it seem like every second counts or tell you to “act now” in order to secure accounts.

If you’re concerned about time sensitivity, bypass the email itself (and never click on a link) to get in touch with the service through a prior, trusted channel. Just as the example above, it’s best to open a new browser, log in and check things out.

URLs and email addresses are off

URLs and email addresses can leave clues and signs that point to phishing. Check links by hovering your cursor over text to reveal actual destinations. This will be displayed in the bottom corner of your browser.

Make sure links include https:// at the beginning of the web address. The “s” in this case signifies a secure link.

Email addresses may make subtle, difficult to catch spelling errors. For instance, using “nn” where an “m” should appear or switching a couple of letters around. Let’s face it, we tend to skim, especially when sorting through our digital mailboxes. Taking an extra couple seconds to confirm sources and links can make all the difference when it comes to security.

Trust no one (seriously though)

Remember, if one of your contacts gets hacked, you’re vulnerable too. Be aware that phishing emails can come from users and email addresses that look totally credible. You can always confirm odd looking messages with the sender through another channel like a good old-fashioned phone call. They’ll thank you for it in the long run.

Looking for more security-related tips and tricks?

We’ve covered our fair share of security tips here on the Ting Blog, including how to keep your data safe on free Wi-Fi, how to opt-out of Facebook Messenger accessing your contacts and even how to flag unwanted spam and scam calls.