Phishing is an attack that attempts to steal your money and/or identity by getting you to reveal personal information (credit card number, bank account information, account passwords, and etc.) on websites that pretend to be legitimate. Bad guys normally pretend to be someone reputable like a company or a friend and try to lure you to a phishing website from a link within an email.

Read the following tips to learn how to spot a phishing message:

Urgent Call to Action

Any email that tries to get you to act quickly by evoking strong emotions or creating a sense of urgency are almost always phishing attacks. Be wary.

First time/Infrequent Senders

If you get an email from someone for the first time (or someone you do not recognize), it could be a phishing email. Be wary.

Spelling and Bad Grammar

Professionals normally attempt to send emails which are free of errors. If you see bad grammar or misspellings, it could be because it is from a bad guy whose first language is not English. Be wary.

Generic Greetings

If the greeting is generic (“Dear Sir”) and not addressed to you specifically, it should be a warning sign that the person is not who they say they are. Be wary.

Suspicious Links/Attachments

Do not open links or attachments from unsolicited, unexpected emails. Be wary.

Email domains

If an email claims to be from a specific, well-known company but the sending address differs, it is almost certainly a phishing email. Also, look out for domains that are slightly different from the sending company (like micr0s0ft.com or outlook.ru). Be wary.

And remember… when in doubt, don’t act on it. It’s simply not worth it.