Spot the Phish

Can you identify a phishing attack?

As described here, "phishing" refers to attacks delivered via email to get victims to share their personal information. Criminals play on a variety of human emotions to try and get you to act; usually by clicking a link. Here are some examples to help you spot phishing attacks.

This is a "Job Scam" phish. Verify that the email addresses of the sender and the person you are supposed to contact match. If they don't, that's a red flag. Legitimate senders will usually identify themselves with a name, title, and phone number where they can be contacted in addition to an email address.

Also, chances are that the job description has nothing to do with your background. If you are not expecting to receive such emails, feel free to ignore and also report them as spam.

This is a fake credit card application scam, pretending to give you great rates even if you have bad credit. Again, be suspicious of emails that you receive that you are not expecting. Legitimate credit card offers are usually sent via physical mail. Double check the sender address. It may say the email is from your bank, but the actual sender address may be something you don't recognize.

This is a gift card scam. The email is supposed to be from a reputed retailer but is actually a scam. Check the sender address. Also look for subtle grammatical errors, e.g., it should be "Congratulations" not "Congratulation". Be careful of the unsubscribe links too. You may think you are unsubscribing from unwanted mail, but actually the link may be used to install malware on your device.

Other types of email phishing scams:

Donations to fake charitable organizations.
Threatening letters supposedly from government agencies.
Unclaimed wealth.
Emails claiming to be someone you know saying they are stranded in a foreign country without money and need help.

REMEMBER: If it sounds too good to be true, leave it alone!