Red Flags - How to spot a scam


  1. Creates a sense of urgency and calls for immediate action, with a date or hours left to respond and words like “Click now” or “Expires in 4 hours”.

  2. Unfamiliar sender or other recipients.

  3. Spelling and grammatical errors.

  4. Deliberate obfuscation of spelling, for example using zero instead of the letter ‘O’ and other such trick substitutes for the actual letters, or joining two words together by removing the space in between.

  5. Lack of personalization and a generic greeting like just “Hello”, “Hi” or “Hello Sir”.

  6. Threats of negative or punitive action, such as: electricity/phone will be cut, money will not be accessible, account will be blocked, losses need to be made good, or blackmail for something purportedly illegal.

  7. Attractive promises that are too good to be true, with hope of huge returns or rewards, such as winning a lottery you never participated in, quick large returns, or goods far cheaper than average.

  8. Mismatch – the sender’s email domain and organization name don’t line up, the phone number belongs to a different region than the organization, etc. The sender’s email is a generic address such as Gmail or Hotmail when the sender claims to be from a government department.

  9. Clumsy design work, poor content and poor functionality: a website that looks sketchy or hurriedly done, logos that look weird, or poor-quality images.

  10. Social media profile has few connections, if any, and not many details filled out.

  11. Unfamiliar tone – For example, your boss sounds extra formal or a friend you haven’t met in years sounds overly familiar.

  12. Suspicious attachments or links embedded in the message – being asked to click on a link or download a file, especially one that is macro-enabled, indicates a possible scam.

  13. The link you have received points to a site that looks like your bank or another familiar site but is still different, and starts with only http:// instead of https:// (https:// denotes that it is a secure website).

  14. Request for payment or personal credentials – Forms and requests to fill out personal or sensitive information or payment details, like credit card number, ATM / credit card PIN, Aadhaar card number, OTP etc.

  15. Short and ambiguous – Scammers sometimes keep details limited in the hope of getting lucky. So you may see messages like “Here’s what you requested” without the details.

  16. You did not initiate the conversation or the sender is unexpected – For example you get a response from HR on a job you did not apply for, or from a courier company for a package you did not order.

  17. Misleading links, shortened URL links and non-secure websites that start with just http and have no padlock – Hover your mouse cursor over links in emails. When your mouse cursor hovers over a link, a small window will appear above the link to show you the actual URL, which is the real destination of the link. If the links are mismatched, it is a strong indicator that something ‘phishy’ is going on. If you are using a mobile device, long-press the link to display a window with the actual URL. Be careful not to tap and open the link!

  18. Unusual and non-traditional payment mechanism being asked for; for example gift cards, cryptocurrency or other such tender that is hard to trace.

  19. Top search results and paid ads – sometimes scammers mimic good brands and place fake ads to get to the top of the search results.

  20. Image-only emails, or emails where the return address in the email header is different from the one that seemingly sent the email.
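
The link and header checks in items 13, 17 and 20 can also be automated when triaging reported messages. The Python example below is added here and is not part of the original page; it assumes a single-part HTML email, and the flag names, function names and sample domains are made up for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

class LinkCollector(HTMLParser):  # collects (href, visible text) for every <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host(value):  # hostname of a URL or of bare text such as "www.bank.example/login"
    return (urlparse(value if "://" in value else "//" + value).hostname or "").lower()
def domain(header_value):  # domain part of an address header
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def red_flags(raw_email):
    msg, flags = message_from_string(raw_email), []
    sender = domain(msg["From"])
    # Item 20: replies or bounces go to a different domain than the visible sender.
    if any(msg[h] and domain(msg[h]) != sender for h in ("Reply-To", "Return-Path")):
        flags.append("return-address-mismatch")
    collector = LinkCollector()
    collector.feed(msg.get_payload())
    for href, text in collector.links:
        if urlparse(href).scheme == "http":  # item 13: link is not https
            flags.append("http-link")
        shown = host(text) if re.match(r"(https?://|www\.)", text, re.I) else ""
        if shown and shown != host(href):  # item 17: shown URL differs from target
            flags.append("link-text-mismatch")
    return flags

# Constructed sample message (all names and domains are made up for this example).
SAMPLE = """From: Bank Support <support@bank.example>
Reply-To: helpdesk@other.example
Content-Type: text/html

<p>Click <a href="http://bank.example.login.test/verify">https://www.bank.example/verify</a></p>
"""
print(red_flags(SAMPLE))
```

The host comparison is exact, so a link shown as `www.bank.example` that points to `bank.example` is also flagged and needs a manual look.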


Resources


Cyber Helpline Number: 1930

Cyber Crime Reporting Portal : cybercrime.gov.in

RBI Booklet on Modus Operandi of Financial Fraudsters : Download here