Phishing is a fraudulent attempt to trick individuals by creating and sending fake emails that appear to be from an authentic source. The phishing email might ask you to collect personal data such as login credentials, credit card numbers, social security and bank account numbers, or prompt you to open a malicious attachment that infects your computer with a virus or malware.
Be Vigilant – Vigilance is Key How do you tell the difference between a phishing message and a legitimate message? There is no single technique that works in every situation.
Be aware of the following phish-y attempts:
- Don’t trust the display name. Always check the sender’s email address. When a hacker sends fake emails, they opt to obscure the sent address with a name that might be familiar, like ‘John Smith’. Be sure to check the originating email address and determine if it’s genuine.
- Reply-to address is not the same as the sending address. If the reply-to address is different than the sender’s address, this should raise suspicion.
- Look but don’t click. Hover your mouse over any links found in the email. Dangerous links are masked as safe links. If the link looks weird, don’t click on it.
- Check the message for poor spelling and grammar. Legitimate messages usually do not have major spelling/grammar mistakes.
- The message asks for personal information. Most companies will not request confidential information via email.
- The offer seems too good to be true. If you are promised money or prizes, use extreme caution. Don’t believe everything you see.
- Review the signature. Lack of details about the signer could suggest a phish. Legitimate businesses always provide contact details.
- The message invokes a sense of urgency. Fraudsters often include urgent “calls to action” to try to get you to react immediately. Be wary of emails containing phrases like “your account will be closed”.
- Don’t open attachments you weren’t expecting. Malicious attachments could contain malware.
- Something just doesn’t look right. Always be skeptical when it comes to email messages.
Phishing is not to be confused with Spam – a form of junk mail. Spam is an irrelevant commercial, an unsolicited email, typically sent in bulk. Phishing emails attempt to convince users to surrender information through a variety of tactics including email attachments, familiar links, and other suspicious requests prompting you to transfer funds, or provide sensitive information.