Email Phishing Awareness
Phishing emails are designed to look like legitimate messages from banks, businesses, work colleagues or friends. Cybercriminals entice you to click on a link, open an attachment, or provide them with personal information. Here are some ways to spot phishing emails and stay cautious.
How to Spot a Phishing Email:
- There are significant spelling or grammatical errors. The message looks as if it comes from an official organization but has poor grammar or spelling.
- The signature of the person sending the email doesn’t match the From email address. Always check that the “from” and “reply-to” email addresses make sense. (In Gmail, click or tap the down arrow in the message.)
- The message includes a request for personal information or information you’re not comfortable sharing. For example, some phishing emails ask you for money, to provide your credit card number or financial account information. Others might ask for your password or other account information.
- The message includes attachments that you weren’t expecting or seem unnecessary, and you’re instructed to open them.
- The message contains a link to an unfamiliar website or a website that is inconsistent with the message.
- The message has a sense of urgency that demands immediate action to prevent something bad from happening.
- The message attempts to pressure you to bypass or ignore normal procedures or policies.
- The message appears to be from a friend or co-worker, but the tone or wording of the request does not sound like them.
This example shows urgency, spelling errors and how a hypertext differs from the URL.
Here are more phishing examples that the Smith community has reported.
Stay cautious, Be wary, and trust your instincts :
-
Why am I getting this? Does it make sense?
-
Be wary of: attachments that you weren’t expecting
-
Be wary of links in emails and mouse hover over links to view the website address and verify authenticity.
a. If the email appears to be from a well-known government agency, financial institution, or online commerce service, go directly to the website instead of clickinng any links, or call their Customer Service directly to verify. -
Be wary of: any message that asks you to verify your Smith account; ITS will NEVER ask you to do this, we created the account, so we have the information.
-
Be wary of: any message that asks you to pay a bill, or transfer funds; it may appear to be from a senior Smith executive, particularly while they are traveling abroad.
-
If you aren’t sure, contact the sender through another means and ask them to confirm they sent it.
What to do if you receive a Phishing Email:
-
Analyze the message, look but don’t click on links or open attachments.
-
DON’T give out your personal information!
-
When viewing the message in Gmaill on a computer, click the "Report phishing" from the drop-down menu option.
-
Delete the message.
Uh oh! What to do if you responded:
Visit https://www.smith.edu/tara/security/phishing_respond.html