“Phishing” is a method of informational or identity theft that is initialized by a fraudulent email, website, or other means.
Here are some ways to identify phishing emails:
Sender’s Address: In an email, you may typically see a Display Name and an Email Address. You might see something listed like this: ‘Jill Klein’ <[email protected]>. Do not just check the name; look at the address for a trusted domain like pitzer.edu.
Urgency: Phishing emails instill a sense of urgency like your account is about to be deactivated or a file you need to review right away. This urgency is deliberate so that you don’t spend time scrutinizing the email for mistakes.
Links and Attachments: It is common for an email to include a link to click on, but if you hover your mouse cursor over the link, it should provide the actual URL path of where it’s sending you. Always check a link before you click on it. For example text may say: Bank of America website – hover your mouse cursor over the “Bank of America,” and you may see that the web link is actually taking you to Pitzer or other unrelated website. Always be on your guard with links and attachments. Be vary careful with attachments that have .html, .zip, .exe, .dmg files in them; make sure they came from an expected and trusted source.
Use Your Instinct: Does an email from Michelle Muturi asking for Target gift cards seem out of place? Is this document link to a recommendation letter something you expected to receive from this person? Take your time and look for grammar mistakes or other signs that it may be a phishing attack.
Personal Accounts: Remember, these emails can appear in your personal email account, not just your school email. Your personal email may be linked to several social media sites, including LinkedIn, so it is a prime target for spear phishing scams.