As good phishing emails get more prevalent, greater emphasis must be placed on avoiding them. Listed below are some simple methods to avoid getting scammed by phishing emails.

1. Recognize a suspicious request or action.

      Email scams come in many forms. Some of the most common scams are links, attachments, and requests for action. If you receive an email with a link or an attachment that you were not expecting, Verify the email address before opening the link or attachment. If an email requests an action that you were not expecting, particularly if it involves funds or client data, Verify the email address and Verify the sender before completing the action.

2. Verify the email address

      The name displayed on an email is easily changed to whatever the sender wants. DO NOT TRUST IT. Instead check the address on the email. The address will be in the format name@domain.com. The important part is after the @ symbol. If the name here does not match the name of the company the person belongs to DO NOT trust the email. For example, all emails that come from Hilltop's email system should end in htop.org.

      When in Outlook Desktop, the address can be checked by double clicking on the senders name in an open email. When in the Outlook Mobile App, the address can be checked by tapping on the senders name. 

3. Verify the sender

      If you are unsure of the legitimacy of an email, particularly when client data or funds are involved, use a known contact for the sender to verify the contents of the email. The key piece of this verification is you are contacting them, not the other way around. Often this is done in person or over the phone.