Register for your free ZDNet membership or if you are already a member, sign in using your preferred method below.
Always check both the display name and the email address of the sender. If the two do not match, or the sender's domain looks suspicious, then do not open the email.
If you do not have an online account with a specific brand, then you have no reason to open any email from them.
It could be a worm, virus, or a phishing attempt by someone who wants to get your details.
If you do have an account with the bank or brand, but the message seems to relate to something you do not remember doing, do not click on any links or open any attachments.
Banks will never send you impersonal messages like this. They will personalise the mail to your name and usually will include three digits of your account number or other personal details.
Spelling mistakes do occasionally occur, but badly written emails should be junked straight away.
Enable two-factor authentication to avoid others taking control of your account and potentially locking you out of your own mailbox.
Vague greetings, such as "Hi Dear," would never come from a legitimate source.
Banks and other valid organisations would always use your full name when addressing you in an email.
The adage "if something seems too good to be true, it usually is" holds true for emails offering you rebates, refunds, and unasked-for cash.
Always be suspicious. Check the link and the address. Real cash refunds are usually in response to a request for a refund.
If you see a link in your email, do not click on it. Instead hover your mouse over the visible link to see the real destination. You can then see if the link looks authentic and has no .php or other types of scripts in it.
Another check is to see if the link starts with https, which indicates a secure connection.
If all else fails, and you are really tempted to open the links, but you have a hunch something is wrong, check with the brand that apparently sent you the email.
Do not use the reply to link on the email, but contact them through their valid website, or phone number if you have any doubts.
VPNs provide an encrypted tunnel to prevent your credentials being stolen when you are online. a VPN could minimize future attempts to extract your information.