Alerts, guides, and research from the IsThisAScam team. Updated weekly.
Pharming redirects you to fake websites without you clicking a bad link. Learn how DNS poisoning and host file manipulation work and how to protect yourself.
WHOIS records reveal who owns a website. Learn to read WHOIS data, spot privacy proxies, and use registration details to assess trust.
Fake DHL customs fee emails demand payment for non-existent packages. Learn to distinguish real DHL notifications from scams that steal your money and data.
Ten specific warning signs that a text message is a scam, with real-world examples of smishing attacks and instructions for reporting scam texts.
A compassionate, practical guide for helping older adults avoid scams without undermining their independence or dignity.
Microsoft 365 password expiry emails are always phishing. Microsoft removed password expiration policies years ago. Here is how to recognize and handle them.
Clone phishing duplicates legitimate emails you have already received and replaces links or attachments with malicious versions. Here is how to detect the copies.
Learn why domain age matters for website trust. Step-by-step guide to check when any website was registered and what it reveals.
Scammers use fake LinkedIn connection requests to harvest personal data, spread malware, and launch targeted attacks. Spot the warning signs before connecting.
Fake DocuSign emails trick people into revealing credentials or signing fraudulent documents. Learn to identify phishing emails disguised as DocuSign requests.
Whaling goes after CEOs, CFOs, and board members with meticulously crafted attacks. Learn how these high-stakes scams work and why executives are uniquely vulnerable.
Learn to inspect SSL certificates to verify website identity. Step-by-step for Chrome, Firefox, and Safari with real examples.
Scammers are sending fake Zoom meeting invitations to steal credentials and install malware. Learn to spot these phishing emails before clicking.
Emails claiming your Facebook account has been disabled are a top phishing vector. Learn how to verify these notices and protect your Meta account.
Fake Dropbox document sharing emails are a common phishing vector targeting both personal and business users. Learn why these notifications are dangerous.
Regular phishing casts a wide net. Spear phishing researches you personally. Here is why targeted attacks succeed far more often and how to defend against them.
Verify any URL before clicking with free tools and manual techniques. Protect yourself from phishing, malware, and scam sites.
A plain-language explanation of the three email authentication protocols that protect against email spoofing and phishing.
VPN companies market themselves as security tools, but they don't protect against most scams. Here's what VPNs actually do and what actually keeps you safe.
That Netflix payment failed email might not be from Netflix at all. Learn to identify fake Netflix billing emails and protect your payment information.