How to Spot a Phishing EmailMember Resource Center, Security & FraudWhat is Phishing?Phishing is a form of cybercrime in which criminals trick individuals by creating and sending fake emails that appear to be from a real business or colleague. Phishing emails are the most common online cyber threat, so we’re going to give you the information you need to stay safe.3 Signs of Phishing to Look Out ForIt’s important to be aware of the tell-tale signs of a phishing email, because one wrong click could put your personal information in danger. Here’s what to watch for:Asking You to Confirm Personal InformationCompanies will never ask you to confirm your password or bank account information. Even if the email looks genuine, it’s likely a scam. To be sure, contact the business over the phone and ask.Prompting You to Open a Suspicious AttachmentOne of the most common tactics used by criminals is adding an attachment within an email that will infect your computer with a virus or malware. Emails with unexpected attachments should always be deleted.Oddly Structured Email or Web AddressesPhishing emails often come from email addresses that appears to be genuine. Criminals will even include the name of a legitimate company within the structure of email and web addresses. For example: @mail.airbnb.work as opposed to @Airbnb.com.Can You Spot the Phishing Signs?We’re going to show you two examples of phishing emails. Can you spot all the signs?Email 1What Did You Notice in Email 1?In this email, you can see the scammer wants to give us a low-cost loan with no credit check. They say we just need to send them our information and they will give us money, right?Not only does it seem too good to be true, but also when you hover the cursor over the email address to examine it further, you see that the link has a different destination. It is the email address of the attacker. It’s important to always hover your cursor over links to make sure they will direct you to a legitimate destination. When you hover your cursor over a link, it may show the destination in the bottom left hand corner of your screen, depending which web browser and email provider you use.Lastly, if you notice the name of the person sending the email, you will notice Dr. Eugene Gotcha. Don’t let the bad guys be able to say they “Gotcha!”Email 2What Did you Notice in Email 2?Aside from this seeming too good to be true, you can see that “Amazon” is misspelled as “Amozon” on the link provided. If you read this quickly, you may think you are responding to the real company to get your gift certificate. In reality, you are providing your information to the attacker.What to Do if You Suspect PhishingIf you receive a suspicious email that seems to be from a legitimate company, don’t click on any links, open any attachments, or respond to the email. Always contact the company by other means and delete the email immediately.Remember, these cyber criminals will look to take advantage of your trusting nature. Whenever you doubt the legitimacy of an email, delete it.
