Phishing Awareness

Phishing is a term used to describe email messages that appear to be from a trusted source but are actually from someone attempting to trick you into giving away private information such as usernames and passwords, financial account information, and other sensitive data. These messages typically encourage you to click a link that takes you to a fraudulent website where you are asked to log in and/or submit private information, which is then captured by the scammer. Scammers can then use this information to access your work network, commit identity theft, withdraw funds from your financial accounts, or access password-protected sites while pretending to be you.

Let's look at an example of a phishing email below:


There are several indicators in the example above that can help you identify this as a phishing attempt:

Forged FROM: Field

In the email above, you'll notice that the sender of the email is supposedly "UTMB Help Desk". However, this is not actually the case. To the right of the name, you can see that the sender's email address is not from an @utmb.edu email address at all.

This is a common tactic used by scammers; they will forge the name of the sender to appear to be from a trusted source, or even a person of authority (such as a manager, a CEO, or another authoritative source). Make sure to verify that the sender is who they claim to be: check the name and the address.

Questionable Subject Line

Paying attention to the content of the subject line can also reveal a potential phish. A legitimate organization will generally have a professional subject line format when conducting business.

It is common for scammers to have poor formatting in subject lines, but this is not always the case. Therefore, it is important to be aware of other identifiers.

Bad Grammar and Typos

While we are all guilty of the occasional grammatical mistake and/or typo, you can generally expect a legitimate entity to use proper grammar and correct spelling when conducting business. Poor spelling and grammar are a very common feature of phishing emails.

A Sense of Urgency and Request for Personal/Sensitive Information

Manipulating the recipient of an email is a hallmark of a phishing scam. Scammers will typically create a sense of urgency to spur a recipient to act upon the email while ignoring the red flags. This is achieved by warning of some imminent change to your account or information if you do not act immediately. This kind of manipulation is what is known as "social engineering".

This warning is almost always accompanied by a method to avoid such a change: a link to provide personal and/or sensitive information. Be it a username and password, bank account information, or some other bit of data, the scammers are counting on you to act quickly on their warning before you recognize it for the scam it is.

Modified or Disguised Links

Scammers will provide a link within their email that, when clicked on, will take you to a site where you can provide the information that they are after. In a further attempt to minimize suspicions, these links will usually be modified in a way to disguise their true destination.

In the example above, the link included in the email shows as utmb.edu/change_password.

However, scammers can easily disguise the true destination. You can see where a link will take you by hovering over it with your mouse, which shows the actual destination in a small pop-up in the bottom corner of the window or next to your mouse pointer (go ahead and hover over the link in the previous sentence to see where it really leads).
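The two checks described above (a forged FROM: display name and a link whose visible text does not match its real destination) can be automated for a raw email message. The script below is an added example, not part of the original page; the trusted domain utmb.edu comes from the page, while the sample message, its example.net hosts and the helper names are constructed for illustration.

```python
import email
import re
from email import policy
from email.utils import parseaddr
from urllib.parse import urlparse

TRUSTED_DOMAIN = "utmb.edu"  # the organisation named on the page; assumed here
# Constructed sample message for illustration; the example.net hosts are made up.
SAMPLE_EMAIL = """\
From: "UTMB Help Desk" <helpdesk@mail.example.net>
To: user@utmb.edu
Subject: URGENT!! your account will be DISABLED
Content-Type: text/html

<p>Your mailbox is full. Click
<a href="http://login.example.net/reset">utmb.edu/change_password</a> now.</p>
"""
# Matches the href and visible text of simple <a> elements in the HTML body.
ANCHOR_RE = re.compile(r'<a\s[^>]*href="([^"]*)"[^>]*>(.*?)</a>', re.I | re.S)

def host_of(text):
    """Lowercase hostname of a URL or bare 'host/path'; '' if not URL-like."""
    if " " in text or "." not in text:
        return ""
    if "://" not in text:
        text = "http://" + text
    return (urlparse(text).hostname or "").lower()

def in_trusted_domain(domain):
    return domain == TRUSTED_DOMAIN or domain.endswith("." + TRUSTED_DOMAIN)

def phishing_indicators(raw):
    """Return findings for a raw message: forged From: name and disguised links."""
    msg = email.message_from_string(raw, policy=policy.default)
    findings = []
    name, addr = parseaddr(msg["From"])
    domain = addr.rsplit("@", 1)[-1].lower()
    # Forged FROM: the display name claims the trusted organisation but the
    # actual address sits in some other domain.
    if TRUSTED_DOMAIN.split(".")[0] in name.lower() and not in_trusted_domain(domain):
        findings.append(f"display name '{name}' but address domain '{domain}'")
    # Disguised link: the visible text names one host, the href goes elsewhere.
    body = msg.get_body(preferencelist=("html",))
    html = body.get_content() if body else ""
    for href, text in ANCHOR_RE.findall(html):
        shown, actual = host_of(text.strip()), host_of(href)
        if shown and actual and shown != actual:
            findings.append(f"link text shows '{shown}' but points to '{actual}'")
    return findings
```

Running `phishing_indicators(SAMPLE_EMAIL)` reports both indicators for the sample; a message from a real @utmb.edu address whose link text and href agree produces no findings.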