Skip Header Navigation

Phishing Resource Website

Recognizing Phishing Emails

Phishing emails are becoming more sophisticated and can be tricky to spot. Being able to recognize phishing emails can help prevent you from becoming a victim.

Below is one example of a phishing email. Click on the number to learn more.

Email
Phishing emails no longer only begin with a generic greeting such as "Dear Client". They may use your email address such as "Dear john.doe@abcd.com" or even your name. Some emails will refer to a "problem" with your account and urge you to access a link to verify your information. No legitimate company will notify you of a problem through an unsolicited email. There is often a sense of urgency in the email encouraging you to respond immediately. Many emails have links that look valid but lead to a fake website. Here's a tip: move your mouse over the link in the email until a small box appears with the URL (web address).  If the web address in the box is different from what you see in the email, the link may lead to a fake site. Do not click on this link.

Recognizing Fake Websites

A fake or "spoofed" website can look just like a company's real site. Look for these telltale signs to help you spot a fake website.

Below is one example of a spoofed website. Click on the letter to learn more.

Web site
Ensure the address in your browser's address bar begins with 'https' when entering personal information. If the address begins with only 'http' do not enter any information. Always look for a lock icon on the browser. Double-click the lock to display the security certificate. If there is no lock icon or if you are at all unsure about the information in the certificate do not sign on or enter any personal information.

Also be wary of security alerts or unusual pop-up messages requiring input while you are on a website.

If you are unsure if the website is a valid RBC company site play it safe. Do not sign in or enter any personal information. Instead, contact us.