Phishing is the most prevalent form of Social Engineering (the use of deception to manipulate individuals into sharing confidential or personal information) used because it is the most effective. At first glance, emails with the intention of phishing appear to be from a recognized source and aim to trick you into giving them information like your financial details or login credentials to valuable data sources.
Stop yourself from falling victim by:
a. Analyzing the sender’s address – ensure you recognize the email address that it was sent from. Oftentimes, fraudsters can spoof an address, and commonly misspell or add an incorrect, but hard-to-notice string of letters.
b. Look for bad spelling and grammar in the email message – phishers don’t spend time on the quality of the content in their emails and it is often easy to see by the language, wording, spelling and grammar that it’s likely not legitimate.
c. Check links before you click on them to make sure they direct you to a legitimate website, and when in doubt just delete the email before clicking the link.
d. If an email is asking you to log into your account for whatever reason – fraud, verify information, etc. – do not do it via the link that was sent in an email. Always navigate to the known website for that company and enter your credentials there!