Phishing is the act of attempting to acquire information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, banks, online payment processors or IT administrators are commonly used to lure unsuspecting public. Phishing emails may contain links to websites that are infected with malware. – Wikipedia
If you get an email and are not sure if its legitimate, use these tips to try determine if its good or bad. Email phishing is very common now a days, and they are very clever disguising themselves. Even the most savvy can get caught if they let their guard down.
Is this a phishing email?
Does reading the email get you alarmed in any way?
- Requests for personal financial information?
- Requests for secure personal information, ie: Usernames or passwords, account numbers, Social Security, drivers licence, passport number.
- Alarming call to action statements.
- Generic greetings like “Dear valued customer.”
- Does the from and reply-to email address look proper?
- Asking you to ‘Click Here’ to do something?
- Does the email have attachments?
- Hover your mouse over any links, do they actually go to the site in question or are they leading you somewhere else?
I think I have a phishing email, what do I do?
Please follow the instructions below.
- DO NOT reply to the email!
- DO NOT click any links!
- DO NOT open any attachments!
- DO NOT give your personal information!
- DO NOT contact them with any of the contact information listed in the email
I want to investigate the email more to see if it’s legitimate.
- Hover your mouse over links to see if they go to the proper website. DO NOT CLICK THE LINK!
- Double check sentences and spelling in the email, often it feels ‘phishy’.
- Go directly to the business in questions website in a browser. DO NOT CLICK THE LINK IN THE EMAIL!
- Does the contact info in the email match the info from the real website? Even if it does USE THE WEBSITES LINKS, DON’T CLICK ANY IN THE EMAIL.
- Call or contact the business from the information from their website or 411. DO NOT USE THE INFORMATION IN THE EMAIL!
I’m still unsure what to do.
If at this point your still not sure what to do, then just DELETE THE EMAIL. If you haven’t got it figured out yet then it needs to be deleted.
I still haven’t deleted the email, isn’t there anything else I can do?
If you want you can report the email to antiphishing.org. Please go to http://www.antiphishing.org/report-phishing/ and learn how to report it. And then please delete the email.
Email is deleted, now what?
Pat yourself on the back for a job well done. Just remember you will also sometimes get the same or a very similar email more then once, don’t get duped the second time around, always follow these instructions.