Phishing is the fraudulent practice of sending emails purporting to be from reputable entities such as financial institutions, credit card companies or other legitimate sources with the intent to trick recipients into providing personal information, such as usernames, passwords, account numbers or credit card numbers.
This type of email is different from spam, which is an unwanted email that isn't necessarily harmful. Spam emails usually consist of attempts to acquire someone's business via an email. They may ask to set up a call or give a product demonstration. These emails are usually safe and unlike phishing emails.
There are several common indicators to help you identify phishing attempts. One of the simplest ways to identify potential phishing is to see if the message instructs you to take immediate action, such as opening an attachment, clicking a link or replying with sensitive information. The tone is urgent and often induces stress: “Click here now or your account will be suspended!” “Click here to verify your password!” Often, there are also more subtle signs like poor grammar, odd phrasing, strange and generic greetings or suspicious signatures.
Example of a phishing attempt email
- Beware of opening emails that you are not expecting or that come from an unfamiliar sender, especially if they seem overly urgent.
- Do not click links or attachments in suspicious emails.
- Do not reply to suspicious emails without verifying with the sender through contact information you know to be correct, such as a phone number.
- Send suspicious emails to firstname.lastname@example.org