Here’s an example email. Spot the warning signs of phishing with the elements below:
- Is this subject suspicious?
- Subject lines in phishing messages are often sensational and meant to provoke an emotional response. This example message is trying to frighten you with the threat of identity theft.
- Do I know this sender?
- If you don’t know the sender, you should be on your guard. Remember that criminals will often impersonate trusted individuals or organizations. This example message might be falsifying the email address of your bank.
- Does this person really know me?
- Phishing messages often use generic greetings, such as “Dear Customer” or “Greetings.” A legitimate organization, like the example bank, knows your name and often strives to personalize its messages.
- Am I being pressured to take action?
- A common technique is to use a deadline hoping that it encourages you into taking a hasty action. If you’re being pressured, like the example deadline in this message, you should take extreme caution.
- Does the message seem suspicious?
- Phishing messages often use extreme claims that are often outside normal operations for organizations. If it’s too good or bad to be true, it probably is.
- Can I tell where this hyperlink will really take me?
- Many emails contain hyperlinks, and you should always verify where they take you before clicking. Can you tell where this hyperlink is really taking you?
- Was I expecting an attachment?
- Attachments are a common means of deploying malware. If you aren’t expecting an attachment, don’t open it until you’ve verified its authenticity.