How to Identify a Suspicious Email (Phishing)

Phishing is a type of social engineering attack often used to steal user data, including login credentials and credit card numbers. It occurs when an attacker, masquerading as a trusted entity, sends a fraudulent message designed to trick a person into revealing sensitive information or into installing malicious software, such as ransomware, on the victim's device.

Phishing emails come in many forms. We’ve focused on emails in this article, but you might also get scam text messages, phone calls or social media posts.

Identifying a Suspicious Email or Message

  1. Do you trust the person or organization the email was sent from?
    • If the answer is "No," then delete the email.
  2. Does the sender's email address or a link in the message have a misspelled domain name, or otherwise look suspicious?
    • If the answer is "Yes," it is most likely a phishing attempt.
  3. Does the email have an attachment?
    • If the answer is "Yes":
      • Only open attachments from senders you trust.
      • Were you expecting the attachment?
      • Is the attachment password protected?
      • Always be cautious with email attachments when deciding whether or not to open them.
  4. Does the email have grammar/spelling errors?
    • If the answer is "Yes," that is often a key indicator that the email is suspicious.
  5. Does the email or message try to create a sense of urgency?
    • The more urgent the message or email, the more likely the sender is trying to scare you into clicking or opening something you should not.
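
The sketch below is an added example, not part of the original article. It shows how a mail filter could automate checks 1, 2, 3 and 5 from the list above. The trusted domains, the urgency phrases, the edit-distance threshold of 2 and the sample message are all assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
# Assumed for illustration: trusted domains and urgency phrases are placeholders.
TRUSTED = {"example.edu", "example.com"}
URGENCY = re.compile(r"\b(urgent|immediately|suspended|expires? today)\b", re.I)

def edit_distance(a, b):
    """Levenshtein distance, used to spot near-miss spellings of a domain."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def lookalike(domain):
    """Return the trusted domain that `domain` closely imitates, else None."""
    if domain in TRUSTED:
        return None
    return next((t for t in sorted(TRUSTED) if edit_distance(domain, t) <= 2), None)

def check_email(raw):
    """Apply the checklist to a raw message; return a list of findings."""
    msg, findings, body = message_from_string(raw), [], ""
    sender_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    if sender_domain not in TRUSTED:                      # check 1: trusted sender?
        findings.append(f"untrusted sender domain: {sender_domain}")
    for part in msg.walk():
        if part.get_filename():                           # check 3: attachment present
            findings.append(f"attachment: {part.get_filename()}")
        elif part.get_content_type() == "text/plain":
            body += part.get_payload()
    links = [d.lower() for d in re.findall(r"https?://([^/\s:]+)", body)]
    for d in sorted({sender_domain, *links}):             # check 2: misspelled domains
        if (t := lookalike(d)):
            findings.append(f"lookalike domain: {d} imitates {t}")
    if URGENCY.search(msg.get("Subject", "") + " " + body):  # check 5: urgency
        findings.append("urgent language")
    return findings

# Constructed sample message (not a real email).
SAMPLE = (
    "From: Help Desk <helpdesk@examp1e.edu>\nSubject: URGENT: password expires today\n"
    'Content-Type: multipart/mixed; boundary="b1"\n\n--b1\nContent-Type: text/plain\n\n'
    "Log in immediately at http://exarnple.edu/login\n--b1\nContent-Type: application/zip\n"
    'Content-Disposition: attachment; filename="invoice.zip"\n\nplaceholder\n--b1--\n'
)
print("\n".join(check_email(SAMPLE)))
```

A finding is a prompt for a closer look, not a verdict: a legitimate new correspondent will also trip the untrusted-sender check, and a subdomain of a trusted domain has to be added to the list explicitly.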
 

 

Details

Article ID: 7208
Created: Tue 7/5/22 12:31 PM
Modified: Wed 7/6/22 7:35 AM