Recognizing & Reporting Phishing:
- Look for grammar and spelling errors.
- Hover over links in email messages, without clicking, to see the destination and pay attention to the domain name of the destination link.
- Be careful with emails using emergency rhetoric, and statements trying to rush you, e.g. "You're account will be closed in x amount of time."
- Look at the sender's email address.
- Enable 2-Factor Authentication on important memberships. e.g. (bank account, Amazon, ... etc).
- Report a spam/phishing emails through your email provider. (gmail & outlook examples at the bottom).
Phishing and how you can prevent being its victim
Phishing is a practice in which cyber criminals send emails pretending to be someone else (person, company, government, ... etc) in order to get you to reveal private information like your credit card numbers, passwords, and such.
- Pay attention to grammar and spellings. Usually a professional email won't be sent by a company prior to editing and double checking the spelling and grammar.
- Be cautious with links inside the emails you receive! One way phishing emails get a malware in your computer, or get you to enter your credentials on a fake site is by typing a common site address, but linking that text to a different website. To not fall into this trap, hover your mouse on the email link to see if it is pointing to where it is supposed too. ALSO! Pay close attention to the domain name it is pointing to (domain name example: google.com) because sometimes cyber criminals acquire a domain name that is close to the official one, but it has a typo in it. For instance, switching an "o" with a "0" or switching an lower case "L" with a "1."
One last thing, just because an email has your bank's or PayPal's or ... etc, it doesn't mean it is legitimate. Always examine links and where the go.
- Don't fall into emergency inducing alerts! One way cyber criminals will get you to open their email messages and click on their malicious links is by making it sound like an emergency. For example, you might get a message stating that if you don't log in now to your bank account or PayPal, then it will be closed. The goal behind that rhetoric is to make you rush things, which will prevent you from thinking it over.
If you think there might be a problem with your bank account, PayPal, ... etc. Then don't click on the links provided in that email, instead, go ahead and open a new window, then type the address to that website (bank account, PayPal, ... etc) and log into your account that way instead of the links provided in the email.
- So what if the message checks out on all the previous mentioned points? Well, another line of defense that you have is checking the senders email. Often times, the sender's address gives it up. For instance, you might get a message stating a problem with your PayPal account, but it's coming from a example@QQ.com or some other email address that is obviously not PayPal's. However, keep in mind, that sometimes cyber criminals are capable of spoofing the official email of a given business! That's no good, I know, but the next point will aide your cyber safety, if all of the previous fails.
- This is critical! Consider enabling 2-Factor Authentication on your important memberships (Bank, PayPal, Amazon, ... etc). This way, it adds another layer of protection on your side, and the mere compromising of your password won't be enough to gain access to your account!
- Reporting phishing and spam emails can easily be done with most email providers. Here is an example: