Fidelity National Financial - Fraud Insights

In the last year changes to Microsoft® Outlook® have resulted in an increase of junk emails received. Unfortunately some of these emails are not simply advertisements or junk; they are dangerous and could potentially result in someone hacking into your email account. Once a hacker has access to your email account, emails may be intercepted or sent from your account. Protecting your email account from hackers is actually quite simple. Read on for tips on how to protect your account.

Hackers try to trick (phish) you into clicking on links that may appear to be legitimate, but are actually trying to fool you into providing your login credentials. Phishing emails often have tell-tale signs they are fraudulent. For instance the "To:" line may be blank or grammatical errors may be abundant. Additionally requests that require you to act immediately or urgently are a red flag that should be a warning to think carefully before you click on any links. The subject line of the email can also be a clue to phishing emails; especially if the subject references transactions that do not exist or the context of the email is out of character with your normal correspondence.

Anytime you are asked to click on a link in an email, you should first place the cursor over the link. Do not click on the link. This reveals the true Uniform Resource Locator (URL), which is the address of a Web page. If the URL does not match up with the sender's information, do not click on the link.

Legitimate websites use Secure Sockets Layer (SSL) (Secure Sockets Layer (SSL): A proposed standard method of increasing security on the Internet, by making it difficult to intercept critical information, such as credit card numbers, when those are communicated on the Internet.) or other similar security technology which helps protect their customers' personal information entered on their site. You can verify the site is secure because the Web address will begin with https://. The "s" after http stands for secure (instead of the usual http://).

Be aware of URLs that include the @ sign. Browsers ignore anything in a URL which comes before the @ sign.

Another common technique used by phishers is a URL which displays a reputable company name but on closer scrutiny is slightly altered. For example, www.microsoft.com could appear incorrectly as:

www.micosoft.com
www.verify-microsoft.com
www.mircosoft.com

Other tips include viewing the email headers to see where the message really originated from. If the "From" information does not match the email address of the sender or the company being represented in the email, it usually means the message did not truly come from that individual or company.

Look for incorrect grammar and spelling. Be suspicious of plain text emails which are absent of logos or graphics. If an email is all plain text and looks different than what you are used to seeing from that sender, it is best to go with your gut feeling and ignore the message.

Compromised accounts not only pose a threat to a company's IT or security departments, they also lead to a drop in our customers' overall trust and loyalty, affecting marketing, sales and beyond.