We have updated our Privacy Policy and Privacy Options

Got It

How Understanding Phishing Techniques Can Help Legitimate Emails Be Trusted Emails


Phishing scams run rampant in most people’s inboxes. Phishing is a term given to emails that criminals use to capture sensitive data and information.

I have always been a fan of the “Plain English” video series from CommonCraft. Here is the video they produced called Phishing Scams in Plain English to give you an overview.

You, the consumer, need to be protected. But as marketers we have another challenge: sending out legitimate emails that customers don’t suspect to be phishing scams.

The last thing you want is a real message to your customers to be discarded, ignored, or worse: marked as SPAM.

There are many tips to help protect yourself from being scammed with a phishing scheme. We can use these same tips to help craft messages and contact strategies that stay on the up and up in the eyes of your consumers. Some may seem very basic and, if that’s you, you are one of the smart ones. You would be surprised to see how many legitimate companies still make these mistakes.

Tip #1: Do not ask for any personal information. If there is ever an instance when you need to ask for sensitive information, ask the customer to go to a specific page on your website with a page off your root domain. Do not hide the link in a text link.

Tip #2: Avoid extreme scare tactic messaging. Headlines that say things like, “Your account has been illegally accessed,” are typical phishing scam headlines.

Tip #3: Use security badges. Reduce anxiety by adding security logos and badges in close proximity to login forms.

Tip #4: Stay brand consistent. Frequently, legitimate account management emails are sent out by a different department than marketing, and therefore are not brand consistent with other marketing efforts. This can be as simple as the color of your email or the tone of the copy.This will cause anxiety for even your most web savvy customers.

Tip #5: Avoid unfamiliar URLs. Do not direct someone to a landing page that feels a little off from the original website they accessed. For example, customers will feel safer accessing a landing page at www.YourCompany.com/Offer than they would accessing www.YourCompanyOffers.com.

Tip #6: Provide a place to report suspected phishing dcams. Provide easy to find links on your website to report suspected phishing scams. You may be surprised by how many of your legitimate emails get reported.

Criminals will always be searching for new ways to maliciously access your customers’ data. It is important to be aware of the techniques they use so you can craft your communications appropriately.

Have any other techniques to add? Please let us know in the comments.