What to look for in phishing emails and what not to do
Phishing persuades you to take an action which gives a scammer access to your device, accounts, or personal information. By pretending to be a person or organization you trust, they can more easily infect you with malware or steal your credit card information.
What to look for in phishing emails
1. Check the “FROM” email address for signs of fraudulence:
Make sure to cross-check the email domain on any suspicious email. This is the name after the @ symbol in the email address. It should match the name and company of the attempted sender (be on the lookout for minor misspellings!). If you are unsure, try looking up the company’s email domain through a search engine.
2. Watch for misspellings and correct Grammar:
Hackers and scammers tend to use online translation machines that don’t return perfect grammar or spelling, making misspellings and incorrect grammar common characteristics of phishing emails. Take a quick look through every email you receive for these kinds of identifiers.
3. Be suspicious of Hyperlinks:
If you receive an unexpected email to your inbox, it is best practice to check all the hyperlinks before clicking on them. Occasionally, both the sender and the body of the email can appear legitimate, but the phish is hidden in the links. If you hover over each link, check if the URL leads to the website you would expect based on the sender. For example, if you receive an email from Bank of America, the hyperlinks should bring you to bankofamerica.com.
4. Be careful with attachments:
This might be the most important rule – do NOT open any attachments until you are 100% sure the sender is legitimate. If the email is indeed a phishing attack, the attachment will contain malware that will be exposed to your computer the second the document is opened. It doesn’t hurt to check with your IT team or contact the sender through an alternative channel for them to verify the attachment.
What not to do when you receive a suspected phishing email.
1.Do not click on links that will take you to an unfamiliar site or IP address.
2. Be careful with attachments and do not open questionable ones.
3. Never input personal information into web forms or pop-up windows unless you are completely confident they are from the intended site
4. In general, if you receive a phishing email do not open it, do not click on any links or attachments and report them to the IT helpdesk.