Phishing emails are typically fraudulent email messages which appear to come from legitimate sources (such as your university, Internet service provider, or your bank). These messages typically direct you to a spoofed website or attempt to get you to divulge private information (passphrase, credit card information, or other sensitive information). The goal of these scammers is to obtain this information and sell it for financial gain.
The good news is that there are things that you can do and look out for to ensure that you do not fall victim to this type of scam. You should look for the following characteristics to determine whether an email you receive is suspicious:
1. Mismatched information – The sender’s email address doesn’t match the company from which it came and/or the links in the email do not match the company’s website.
2. Spelling mistakes and/or bad grammar – The sender’s email address, message, and/or website contains spelling mistakes or bad grammar.
3. Uncharacteristic message – The message looks significantly different from other messages you have received from the company.
4. Generic greeting – The message starts with a generic greeting, such as “Dear Valued Customer” or “Dear Subscriber.” Most legitimate companies will use the name you provided them.
5. Unsolicited communications – The message is unexpected or not something you requested, i.e. a new bank account, lottery tickets, or different internet service.
6. Suspicious attachment – Most legitimate organizations do not send attachments, unless it is a document you have requested.
7. Sensitive information requests – The email asks you to verify or provide personal information, such as credit card or bank account numbers, or asks you for your passwords.
8. Sense of urgency or panic – The email attempts to get you to act immediately using language such as, “your account will be closed if…” or “your account has been compromised” or “urgent action required.”
9. Current event or holiday effect – The message plays on an emotion surrounding a current event or holiday, whether it be uncertainty, anxiety, or excitement, i.e., elections, Valentine’s Day, Tax Day.
10. Vague signature – The sender either does not sign the email or does not offer information on how to contact the company.
Recognizing these ten characteristics should help to keep you safe from phishing.