Skip Header Navigation

Skip Breadcrumb Links  

Be an Email Detective: How to recognize email scams

There has been an increase in email scams that appear to come from legitimate sources, but in reality are scams. These emails urge the recipient to click on a link contained within the email, usually under the guise of providing a product or service or soliciting personal information that seems genuine. Clicking on the link takes the recipient to a site that downloads malicious software to their device or attempts to steal the recipient’s personal or corporate information.

Whenever receiving an unsolicited email:

  1. Verify the message before you take any other action.
    1. Do not click on a link, call a phone number provided in the email, wire money or take any requested action, unless you first verify that a request is legitimate.
    2. Cross reference the information within the message with information you already have on file or by making an independent search on the Internet without clicking on any content within the message.
  2. Ask yourself if you are being urged or tempted to respond or click on a link?
  3. Be cautious of unsolicited emails that include a sense of urgency and a call to action. Some examples include being asked to:

    1. Respond quickly to ensure the service.
    2. Click on a link to arrange for a refund, obtain an incredible deal, or receive a monetary windfall.

    For targeted scams, they may reference violations to laws or regulations as a lure to get you to click

  4. Do not allow the urgency of the email to entice you!
  5. Emails are often worded to get the recipient worried. This can be threats of discontinued service, fines for failure to respond, or non-delivery of an expected service. Independently verify the message before you click on any links.

A good “pre-check” is to allow your mouse to hover over a link, without clicking on it. The actual URL will be displayed, so you can see if it is the same as what is printed in the email.

  • If the links are the same: CAUTION: that does not automatically mean that it is a valid link, so you should still verify the message.
  • If the links are different: STOP: that is a very good indicator that the link is not what it is pretending to be.

Some scammers use “look-alike” email addresses that pretend to be from real people or companies (e.g. JohnSmith@gmail.com rather than John.Smith@gmail.com).

The danger here is that they could obtain information from you if you don't recognize the trick. So the important message is to verify the sender before you act. See “Email scams - how to spot them!” for more information.

Report Suspicious Email

If you believe your confidential information may have been stolen or obtained by a fraudulent party either online, by telephone or through any other means, call us immediately.

For phishing emails or to report fake websites masquerading as RBC company websites, follow this reporting information.

As always, be wary of any unsolicited and suspicious e-mails, even if they are addressed specifically to you and appear to be from legitimate sources.

Share Phishing Information

For more tips on how people can detect potentially dangerous emails, see Email & Website Fraud. Please share this link with friends and family.