Signs you may have received a Phishing Email:
- E-mails that exhibit requirement of immediate action, or are made to sound "urgent".
- Sender's email address that is similar to, but not the same as, a company's official email address
- Email sent with a generic greeting such as "Dear Customer" or "Dear Member".
- The message contains poor spelling and grammar.
- E-mails from unheard-of companies or from companies with which you do not do business.
- Pop-up windows or web pages made to look like alert messages made by a computer program.
- To report any phishing complaint or issue please email us at: Report.firstname.lastname@example.org
Web pages that have no information, just a series of misdirecting links.
a) Please note the following points in phishing example,
- Internet criminals use generic names like "First Generic Bank Customer" so they don't have to type all recipients' names out and send emails one-by-one. If you don't see your name, be suspicious.
- Even if a link has a name you recognize somewhere in it, it doesn't mean it links to the real organization. Roll your mouse over the link and see if it matches what appears in the email. If there is a discrepancy, don't click on the link. Also, websites where it is safe to enter personal information begin with "https" — the "s" stands for secure. If you don't see "https" do not proceed.
- The point of sending phishing email is to trick you into providing your personal information. If you receive an email requesting your personal information, it is probably a phishing attempt.
- Internet criminals want you to provide your personal information now. They do this by making you think something has happened that requires you to act fast. The faster they get your information, the faster they can move on to another victim.
b) Please note the following points in phishing example,
- Phishing websites are often poor in quality, since they are created with urgency and have a short lifespan. If the resolution on a logo or in text strikes you as poor, be suspicious
- Even if a link has a name you recognize somewhere in it, it doesn't mean it links to the real organization. Read URLs from right to left —the real domain is at the end of the URL. Also, websites where it is safe to enter personal information begin with "https" — the "s" stands for secure. If you don't see "https" do not proceed. Look out for URLs that begin with an IP address, such as: http://18.104.22.168/firstgenericbank/account-update/ — these are likely phishes
- Padlock is missing on website