Fraud Prevention Warning Signs
Phishing, Pharming and Spoofing
The sender's email address does not include the correct corporate domain (for example, @excelth.com). If there is any variation after the "@," such as extra characters or words, it's not from Excelth.
The greeting are usually generic ("Dear customer," "Dear account holder") or addresses you by your email rather than your name.
These emails also seek login credentials such as username and password, personal data like your Social Security number, or billing info like bank account or credit card numbers. Be mindful of typos, bad grammar or foreign spellings (for example, "centre" instead of "center"). Usually you will be urged to act quickly, at the risk of losing your account.
Do hover your cursor over links in the body of the email. This will reveal the true destination URL. If the link is unfamiliar, don't click it.
Do only use a company's official website or app to update account information such as passwords or payment methods.
Do contact the company directly, through an official website or customer service line, if you have concerns about an email or text message you received.
Do use antivirus software and keep it up to date. Activate firewalls and other settings that block malicious files.
Don't open documents or download files from suspicious emails. They could install malware on your device.
Don't click on links or open attachments to "update," "unlock" or "verify" an account. Go to the company's website or app to check your account status.
Don't click on a link or call a phone number in a text "alert" to verify your identity or account status.
Don't reveal personal or financial information in response to an unsolicited email. Legitimate companies will not ask you to provide sensitive data in an email.