1. Double click the sender's name to make sure you find out the identity of the sender. Avoid any email sent by a website that you do not recognise or an email address that you do not know.
2. Check the subject line of the email for common spam topics. A common phishing tactic is to evoke a sense or urgency or fear. Take note that in the email below the sender used the word "urgent and deactivate" to get the attention of the receiver.
3. Spot the unknown attachments or links. Always hover first over the links in the email. Do not click immediately. Move the cursor over the URL link and pop up message box will appear showing where the link is opening to. Verify that the link points to the organisation that the email came from (as highlighted in the image below).
This example below is showing a spam email.
4. Always check first if the URLs are legitimate and has encryption (https://). It is best practice to always open a new window and go to the site directly without using the link provided in the email. Right Click on the URL link and select "Copy Hyperlink".Create a new email message, right click on the message body section and click on Paste Text only (as highlighted on the image below).
5. Avoid any "calls to action" button and requests of information. One tactic that is commonly used by hackers is to alert you that you must provide, verify or update your information about your personal account. Hackers will use this tactic to drive urgency for someone to click on the URL or download an attachment aiming to infect the PC/laptop or steal your information. The email below is an example.