Phishing is a cybercrime that involves tricking people into revealing their sensitive information, such as passwords or credit card details, by posing as a trustworthy entity.
How to identify phishing emails
It's important to be aware of the key indicators while looking at phishing emails versus legitimate emails:
- Emails often appear to be from a trusted source, such as a bank or online retailer, but they may contain links to fake websites or request you to provide sensitive information.
- Check the sender's email address. Phishing emails often use fake email addresses that look like they are from a legitimate source but are slightly different:
- Look for spelling and grammar mistakes.
- The text on links can look legitimate but point to a different location. Hover over the link or view source to see where it’s actually pointing to.
What to do when you receive a suspicious email
- Do not click on links or download attachments.
- Delete the email and report as spam or phishing if your email provider has this option.
Examples of phishing emails: Fake invoices
Receiving an invoice for books that you haven’t purchased
These appear to be from Rakuten Kobo. Both Kobo & non-Kobo customers receive these fake invoices.
Here are some easy steps to identify fake invoices:
- Hover your mouse cursor over the book title and make sure it goes to a Kobo product page. The link should take you to a page starting with https://www.kobo.com.
- Verify that the title in the receipt is something you purchased.
Malicious links in the emails
In the example below, the receipt number re-directs you to a non-legitimate website if you click the link. Do not click this link. Opening the link will download malware to your computer.
Real invoice indicators
- You'll see your name in the first sentence of the email.
The name you see here will be the same name as you used to create your Kobo profile.
- When you hover your mouse cursor over the title of the book, you'll see a link that goes to the Kobo Store. The link begins with https://www.kobo.com.
- Your receipt number will appear as a black font that is text-only. Text-only means that you shouldn't be able to click on the receipt number. If you can click on the receipt number, it means that the receipt is fake.