Phishing emails are messages in which cybercriminals attempt to access somebody’s sensitive personal information. These messages can often appear to be sent from legitimate websites, but are actually being sent from people posing to be someone or something they’re not. These messages may try to steal account information, banking information, or any other kind of personal info that could lead to identity theft or an infected computer. Phishers may also use your personal information to install malicious software onto your computer.
What to Look For
- Links – Many phishing emails will provide links within the message that will ask you for your information. To test whether or not a link is legitimate, hover over the link without clicking it, and the domain of the real website will pop up. If the name of the domain that pops up is different than the link provided, it is most likely a scam.
- Threats – If an email contains a threat along the lines of “Fill out the provided form or else your account will be locked”, don’t trust it. It is likely an attempt to persuade you to give out your personal information. Cybercriminals will often use this tactic to make the victim feel obligated to fill out the illegitimate form.
- Spelling or Bad Grammar – If you receive an email claiming to be from a legitimate organization but the message contains incorrect spelling or bad grammar, it is likely a phishing attempt. Legitimate organizations will have a team of editors that will make sure the email is typo-free before sending it out.
- Illegitimate Use of a Company’s Name – Phishing emails will often fraudulently use a popular company’s name, such as Microsoft, to make the message sound more believable. If you ever receive an email that contains something such as “Microsoft requires your credit card information in order to validate Windows Updates”, do not trust it.
What to Do About It
These are just a few of the common examples of phishing that you may come across. These obviously are not the only methods of phishing that you may encounter, however. Cybercriminals are getting more and more clever each day. Always be on the lookout out for illegitimate emails. If you ever encounter a suspicious looking email, mark it as spam or junk and report it to email@example.com. We will investigate the issue and try to prevent it from happening again in the future. A good rule of thumb is that if the message looks fishy, it’s probably “phishy”. ITS will NEVER ask you for your password over email, so if you receive a message asking for personal information, it’s not real. Click here to learn more.
Always be sure to keep an eye out for phishing emails. If it looks suspicious, don’t trust it!
Adapted from https://www.microsoft.com/security/online-privacy/phishing-symptoms.aspx by Microsoft.