How to avoid phishing scams

Lecture
4 minutes
Catégorie
Account

A phishing scam(nouvelle fenêtre) is a cyberattack where a criminal sends you an email that either links to a fake website or contains an attachment that is, in reality, malware (for example, keylogger software(nouvelle fenêtre)). 

Fake websites are typically designed to trick you into divulging sensitive personal information, such as your bank login details. Phishing emails usually claim to be from a trusted source and make it sound like an emergency to make it more likely that you’ll click the fraudulent links or attachments provided..

Classic examples are your bank or email service, but craftier criminals often pose as services that are less likely to trigger your alarm bells because people tend to re-use the same passwords across multiple websites and online services.

Learn more about phishing attacks(nouvelle fenêtre)

How to verify emails are from Proton

As a valued member of the Proton community, you will occasionally receive emails from Proton, Proton VPN, Proton Mail, Proton Drive, or Proton Calendar. Reasons we send these emails include:

  • Product notifications (such as for upcoming Calendar events or a completed Easy Switch import)
  • Newsletters to keep you updated about company news and new releases
  • Email address verification
  • Account recovery
  • Offers and promotions

To manage the emails we send you, sign in to account.protonvpn.com and go to AccountEmail subscriptions

Whenever you receive an email that claims to be from us, we strongly encourage you to verify that it’s genuine. The following list shows all the domains used by Proton to communicate with our community via email. To verify that an email is genuine, simply confirm that it was sent from one of these domains:

  • no-reply@news.proton.me
  • no-reply@news.protonvpn.com
  • no-reply@news.proton.me
  • no-reply@news.protonvpn.com
  • no-reply@mail.proton.me
  • no-reply@calendar.proton.me
  • no-reply@drive.proton.me
  • no-reply@vpn.proton.me
  • no-reply@offers.proton.me
  • no-reply@offer.protonvpn.com
  • no-reply@notify.proton.me
  • no-reply@notify.protonvpn.com
  • no-reply@verify.proton.me
  • no-reply@recovery.proton.me
  • no-reply@partners.proton.me
  • no-reply@referrals.proton.me
  • contact@protonvpn.com
  • support@protonmail.zendesk.com
  • contact@proton.me

If you receive an email that claims to be from Proton but does not come from one of the above domains, please report it to abuse@protonvpn.com.

Tips for avoiding phishing scams

By following these tips, you will greatly reduce your chances of becoming a victim of a phishing scam. 

If you’re unsure about whether an email is genuine, visit the service’s website directly to access the information you need. You should also contact the support team of the organization in question from the genuine website if you have any additional questions.

1. Check the domain the email was sent from 

If you know the email’s domain matches that of its website, then it is probably genuine. Be careful not to confuse similar-looking domains with the real thing (for example, proton.rne instead of the correct domain, proton.me). 

2. Be careful about clicking on links

Only click on links if you are 100% sure the email is genuine (for example, if you have checked that an email from Proton came from a domain listed above).

3. Use Proton Mail

Proton Mail offers several security features designed to prevent phishing attacks. These include:

Emails from Proton domains have an Official badge

All emails sent from legitimate Proton domains to Proton Mail accounts have an Official badge(nouvelle fenêtre), making it easy to know if an email is genuinely from us.

Link confirmation

This simple but effective phishing defense is enabled by default in all Proton Mail apps. It asks you to confirm that you wish to open an external link from an email and shows you the entire link URL.

Learn more about link confirmation(nouvelle fenêtre)

Address verification

This advanced feature allows you to manually trust PGP keys for specific contacts, giving you full control over which keys you trust. 

Learn more about address verification(nouvelle fenêtre)

Lock icons

You can easily identify the encryption status of emails you receive using lock icons shown on each email. 

Learn more about how to check encryption status using lock icons(nouvelle fenêtre)

DMARC Protection

Proton Mail supports Domain-based Message Authentication Reporting and Conformance(nouvelle fenêtre) (DMARC). If the domain of an email fails authentication checks (using the SPF and DKIM mechanisms), then Proton Mail will show a warning message. 

If you use Proton VPN, you already have a Proton Mail account. 

Learn more about Proton Mail plans(nouvelle fenêtre)

Vous ne trouvez pas ce que vous cherchez ?

Contact - Généralcontact@proton.me
Contact - Médiamedia@proton.me
Contact - Juridiquelegal@proton.me
Contact - Partenariatspartners@proton.me