How do I know if an email or website is a scam?

Hackers and thieves skillfully have devised ways to gain access to your personal information online. Being aware of the various methods as described below is the first step to protecting yourself from fraud, identity theft and unauthorized use of your account.

Here is an example of what you should look for from a reputable website. 


Rest assured that StellarFi’s web pages are enabled with Secured Sockets Layer (SSL). One advantage of SSL is that your web browser verifies the identity of the server. If a fraudster successfully changed a website name so that a secure “StellarFi '' website address brought you to a fraudster’s site that looked like our site, your browser would display a warning. The warning would indicate that the name on the certificate does not match the name of the site. Should you encounter a similar message, do not access the page. Immediately contact StellarFi at support@stellarfi.com for assistance. 

Know that StellarFi will not ask for personal information via email. Be cautious of any unsolicited email you receive that asks for personal information. Do not respond, open any attachments, or click on links within an email if you suspect the message is fraudulent.

  1. Awkward greeting
    A phish may address the customer with a nonsensical greeting or may not refer to the customer by name.
  2. Typos
    This isn’t because fraudsters don’t know how to spell – it’s so the phish won’t be blocked by email filters.
    Examples in this phish: “accessed” “Our SSL security servers has… “fraudulent”
  3. Incorrect grammar
    Another tactic used to bypass email filters.
    Examples in this phish: “Our SSL security server has…”
  4. Strange or unfamiliar links
    This link looks official, but notice what happens when the mouse curser rolls over it. The link’s source code points to a completely different website. Remember that you can always type a URL into your web browser instead of clicking on a link.
  5. Compelling or urgent language
    An urgent need to communicate with you for your own security, or a request to update your information immediately.
    Examples of this phish: 

“We recently contacted you after noticing an issue with your account, which has been accessed unusually.”
“Our security department has requested information from you to verify your identity for your account.”

  1. Misspelled company name.
    Another tactic used to bypass email filters.
    Example in the phish: “StelarFi”
    This is not a comprehensive list of phish email characteristics, but these examples will help you learn to recognize fraudulent emails. 
Was this article helpful?
7 out of 9 found this helpful

Articles in this section

Our helpline hours:
8:00am - 6:00pm CST Monday to Friday
Follow us on Twitter
Get the latest news and updates first