Just kidding – what happens isn’t as obvious as that. The link directs you to a website which asks you to input your username and password. Except the website and the email are both fake.
This is an example of a phishing email, which is sent by a scammer to trick you into thinking they are a legitimate company or organisation. They lure people into thinking it is safe to input sensitive information such as usernames, passwords, or financial details.
If you have entered financial details into the fake website, such as a credit card number or bank account number, the scammer can use it to steal money from your accounts.
Sometimes, something more subtle and malicious can take root in your computer. A virus can infect your computer, which scammers can use to access your personal information.
Luckily, there are several ways to detect a phishing email. First, check if the domain name in the email is different from the official URL. For instance, the URL in a phishing email may be “update.yahoomail.com” instead of “mail.yahoo.com”, which is the official domain.
Miscapitalisations, grammar issues, and spelling mistakes are also common in phishing emails.
If you fall for a phishing scheme, make sure to change your account information on the real site right away.
Phishing emails may state that they’ve given you a “temporary link”. That’s a red flag that the email has not come from the official organisation or authority. Their message may also sound urgent by mentioning a deadline. For example: “Your account will be deleted in the next 14 hours if you don’t sign in.”
During the pandemic, scammers have even impersonated the Department of Health in emails promising crucial updates on the coronavirus.
However, government organisations will never ask you to input your personal details in order to receive information from them. They would always post anything important on their official website for everyone to see.