Last month alone, our shop helped three Southbury families recover from phishing attacks that emptied bank accounts and locked them out of email. One customer lost $4,000 to a fake Eversource bill. Another clicked a Medicare fraud link that compromised their identity. These scams are getting scarier because they look completely real.
Here in Connecticut, scammers know exactly what buttons to push. They'll send fake utility shut-off notices from Eversource, Medicare "verification" emails, or local tax warnings that look identical to the real thing. The goal is always the same: panic you into clicking a link or sharing personal information before you have time to think.
The good news? Once you know what to look for, most phishing attempts are easy to spot. This guide will show you the warning signs and teach you simple habits that keep you safe. No technical degree required.
Need Professional Help?
If these steps didn't solve your problem, we can help. We provide on-site email & software help throughout western Connecticut.
Learn About Our Email & Software Help Service →
🔒 More Security & Virus Removal
Looking for more security & virus removal? Check out our complete collection of guides and tutorials.
How to Spot a Phishing Email (7 Simple Checks)
Before you click anything in an email, run through this checklist. Even one red flag means delete it immediately.
1. Check the Sender's Email Address Carefully
Don't just read the name. Click on or hover over the sender's name to see the actual email address. A real Eversource email comes from @eversource.com, not @eversource-billing.net or @eversource.secure-portal.com.
Why this works: Scammers can fake the display name, but they can't fake the actual email domain. If the address has extra words, numbers, or weird endings, it's fake. This catches about 70% of phishing attempts right away.
2. Look for Urgent Threats or Too-Good Offers
Real companies don't threaten to shut off your power in 24 hours via email. They don't offer you a $500 Medicare refund you never heard about. Scammers use panic and greed because rushed decisions lead to mistakes.
Why this works: Legitimate businesses, especially utilities and government agencies, send multiple warnings by mail before taking action. If an email tries to rush you, that's your biggest red flag.
3. Don't Click Links—Go Directly to the Website
If an email says your Eversource account needs attention, don't click their link. Open your browser, type eversource.com yourself, and log in. Do the same for banks, Medicare, or any account.
Why this works: This simple habit stops phishing cold. Even if the email looks perfect, going directly to the real website means scammers can't redirect you to a fake login page. It takes 30 extra seconds and protects everything.
4. Watch for Spelling and Grammar Mistakes
Professional companies proofread their emails. Look for odd phrases like "your account will be suspend" or "confirm your informations." Sometimes the mistakes are subtle—"Eversouce" instead of "Eversource."
Why this works: Many phishing operations run overseas where English isn't the first language. Mistakes slip through. Real companies have editors. This catches about 50% of obvious scams.
5. Never Give Personal Information by Email
No legitimate company will ever ask you to reply with your Social Security number, Medicare ID, bank account, or passwords. Not Eversource, not your bank, not Medicare, not the IRS. Never.
Why this works: This is an absolute rule with no exceptions. Any email requesting this information is 100% a scam. Delete it.
6. Be Suspicious of Attachments
Unless you're expecting a specific document from someone you know, don't open email attachments. Fake invoices, shipping notices, and "secure documents" often contain viruses that install automatically when opened.
Why this works: Attachments can bypass your computer's defenses. If you're unsure, call the company directly using a number from their real website, not the email.
7. Trust Your Gut
If something feels off, it probably is. That little voice saying "this seems weird" is your brain noticing details that don't add up. Listen to it.
Why this works: Your instincts are better than you think. When in doubt, call us or call the company directly. A five-minute phone call beats weeks of identity theft recovery.
What to Do If You Already Clicked
First, don't panic. If you clicked a link but didn't enter any information, you're probably fine. Close the browser window immediately. Run a virus scan if you have antivirus software.
If you entered a password, change it right away on the real website. If you gave out bank information, Social Security numbers, or Medicare details, that's more serious. You need to act fast.
Still Not Working?
Some situations need professional help right away:
- Your computer is acting strange after clicking a link—pop-ups, slowness, programs opening by themselves
- You entered banking or personal information on what might be a fake site
- You're locked out of your email or other accounts and password resets aren't working
These problems get worse the longer you wait. What starts as a compromised email can spread to your bank accounts, credit cards, and identity within hours.
STILL HAVING PROBLEMS?
Don't waste more time troubleshooting. Call Chapin Business Services at (203) 262-1869.
✓ Same-day service often available
✓ We come to you (house calls)
✓ Serving Southbury, Danbury, Waterbury, Litchfield County, and all of western Connecticut
✓ Real human answers the phone
25+ years serving Connecticut families and small businesses.
Frequently Asked Questions
What's the most common phishing scam in Connecticut right now?
Fake Eversource shut-off notices are everywhere, especially in winter. They threaten power disconnection within 24 hours unless you click a link to pay. Real Eversource sends physical mail first and never demands immediate payment through email links.
Can phishing emails install viruses even if I don't click anything?
Generally no, just opening an email is safe on modern systems. The danger comes from clicking links or opening attachments. However, keep your computer and phone updated with the latest security patches to be sure.
I got a text message that looks like a scam. Is that phishing too?
Yes, that's called "smishing" (SMS phishing). The same rules apply: don't click links in unexpected texts, especially ones claiming to be from banks, utilities, or government agencies. When in doubt, call the company directly using a number you look up yourself.
How can I report phishing emails?
Forward suspicious emails to [email protected] (Anti-Phishing Working Group) and [email protected] (FTC). If it's impersonating a specific company like Eversource, forward it to their fraud department too. Reporting helps shut down scam operations.