Do you think you can tell the difference between a real email and a fake one sent by hackers trying to access your personal information?
TODAY national investigative correspondent Jeff Rossen demonstrated on Friday that it's not so easy. Hackers can mimic real companies in subtle ways to get access to your money and information in email scams.
Rossen asked people outside of the TODAY studio near Rockefeller Center to identify what they thought were fake or scam emails, which were previously put together by a security expert to closely resemble legitimate messages. Many people couldn't tell the difference.
Rossen outlined five major red flags that will indicate if a hacker is trying to steal your information:
The email address is misspelled. In an example, Rossen showed an email that appears to be from Bank of America but the email address read "bnk" instead of "bank." That means it's not from an official company account.
Bad formatting in the body of an email. If the text of the email contains broken or incomplete formatting, such as a blank line in the middle of a sentence or strange spacing, it's most likely a fake.
Links or attachments asking for updated personal information. Rossen warned against clicking on any attachments in these types of emails, which may contain viruses and malware. Instead he suggests picking up the phone and calling the company to verify the inquiry.
Beware of deals. If the email congratulates you on earning a cash rewards bonus or indicates you have been selected for some type of deal, it generally should include the last four digits of your account number. If the email does not contain that, it's most likely a phishing scam seeking your account information.
Grammatical errors in the email. Small mistakes, like apostrophes in the wrong place or misspelled words in the text of the email are subtle indications of a scam.