BBB Tip: How to Stop Phishing Emails

Phishing email scams work by fooling you into clicking on a link or opening an attachment that infects your device with malware or takes you to a webpage that looks legitimate but isn’t.

Cybercriminals send an estimated 3 billion spoof or phishing emails every day. Most end up in spam folders or can’t get past firewalls, but many hit their target.

The FBI’s Internet Crime Report for 2020 paints a distressing picture. According to the report, phishing is the most common type of cybercrime. Reported complaints more than doubled from 114,702 incidents in 2019 to 241,342 in 2020.

California led the nation with 69,541 victims of cybercrime suffering a combined loss of $621,452,320.

7 Tips to Stop Phishing Emails

#1. Think twice before you click.

Opening a random, unexpected email – especially one with a compelling title – can be tempting. But think twice before clicking on any links or opening an attachment. It might just be harmless spam, but it can also be a malicious phishing email. Don’t take the risk.

#2. Use antivirus software.

Good antivirus software with firewall protection can help prevent phishing attacks. Because it scans every file you receive, it might slow down your device a bit, but that’s worth the price if it stops you from becoming a phishing attack victim.

#3. Consider the source.

Phishing emails are often disguised as emails from reputable organizations, such as your bank. Scammers are good at replicating emails and web pages to make them appear legitimate.

If you get an email from a company you don’t have any dealings with saying there’s a problem with your account, it’s a scam. However, if the email is from a service provider, bank or other organization you’re using, don’t click on any links in the email. Visit their official website or phone them (don’t use the phone number in the email) to confirm if there’s a problem.

#4. Mark as spam.

Email services such as Gmail, Microsoft Outlook, Yahoo Mail, and Apple Mail use algorithms that filter out suspicious emails by sending them to a spam or junk email folder.

When a spam email lands in your regular inbox, mark it as spam before you delete it. This way, if you receive more emails from this address, the spam filter will automatically treat them as spam.

#5. Use a secure email gateway.

Email gateways filter out malicious emails and automatically place them in quarantine. A good email gateway can block up to 99.99% of spam emails or emails that contain any harmful links or attachments.

Service providers include Proofpoint, SpamTitan, Avanan and Mimecast.

#6. Protect your login information.

Many people use the same login information for multiple websites. If your login details are compromised in a phishing attack, it might give scammers access to your other accounts.

Consider using a password manager to create and store unique passwords for all your accounts. In addition, many online accounts require or encourage users to register for two-factor authentication. For example, you have to log in and enter a one-time password that’s sent to your cell phone before you can proceed.

These security measures might seem annoying or cumbersome, but they’re worth it.

#7. Stay informed about new phishing techniques.

Scammers are constantly coming up with new ways to obtain personally identifiable information from consumers. Even if you know how phishing emails work, never get complacent.

Always try to stay informed of the latest phishing techniques so you’re protected.

Report Phishing Emails

The Better Business Bureau has resources to help consumers and businesses. You can report a scam (whether you’ve lost money or not), file a complaint against a business, leave a review of a business you’ve used and report an ad.

Visit our blog for more tips and scam alerts.