🎣 Phishing Emails
What is Phishing?
Phishing is a type of cyberattack where criminals send fraudulent emails pretending to be from legitimate organizations. The goal is to trick you into revealing sensitive information like passwords, credit card numbers, or social security numbers.
🚩 Red Flags to Watch For
Learn to spot these common warning signs of phishing emails:
⚠️ Suspicious Sender
The email address doesn't match the company's official domain. Look carefully at the sender's address, not just the display name.
Example:
Legit: support@amazon.com
Phishing: support@amaz0n-security.com
⏰ Urgent Language
Creates false urgency or threats to pressure you into acting quickly without thinking.
Examples:
"Account will be closed in 24 hours!"
"Immediate action required!"
"Suspicious activity detected!"
🔗 Suspicious Links
Links that look legitimate but actually lead to fake websites. Hover over links to see the real URL before clicking.
Tip: Type the URL directly into your browser instead of clicking email links.
📎 Unexpected Attachments
Attachments containing malware or viruses, especially from unknown senders.
Dangerous types: .exe, .zip, .scr, suspicious .pdf or Office docs
📝 Poor Grammar
Professional companies proofread their emails. Multiple spelling errors and awkward phrasing are red flags.
Example: "Dear costumer, you account have been compromise"
💰 Too Good to Be True
Offers of free money, prizes, or deals that seem unrealistic.
Examples: "You've won $1,000,000!"
"Free iPhone - click here!"
📧 Common Phishing Email Types
1. Account Verification Scams
Subject: Urgent: Verify Your Account
"Dear Customer,
We've detected unusual activity on your account. For your security, please verify your identity by clicking the link below within 24 hours or your account will be suspended.
[Verify Account Now]
Thank you,
Security Team"
2. Password Reset Requests
Subject: Password Reset Request
"Hi [Your Name],
We received a request to reset your password. If you didn't make this request, click here immediately to secure your account:
[Reset Password]
If you don't act within 2 hours, your account may be compromised."
3. Package Delivery Notifications
Subject: Your Package Cannot Be Delivered
"Dear Customer,
We attempted to deliver your package but were unable to complete delivery. Please update your shipping information to avoid return to sender:
[Update Shipping Info]
Package ID: 1Z999AA10123456784"
4. Prize/Lottery Scams
Subject: Congratulations! You've Won!
"CONGRATULATIONS!!!
Your email has been selected as a winner in our annual sweepstakes! You've won $500,000 and a new car!
Click below to claim your prize before it expires:
[Claim Prize Now]"
✅ How to Protect Yourself
- Verify the sender: Check the email address carefully. Look for misspellings or suspicious domains.
- Don't click suspicious links: Hover over links to see the real URL. If in doubt, type the website address directly into your browser.
- Never share passwords via email: Legitimate companies will never ask for your password via email.
- Use spam filters: Enable email filters to catch obvious phishing attempts.
- Enable 2FA: Even if your password is stolen, two-factor authentication provides a second line of defense.
- Report phishing: Forward suspicious emails to your email provider and the company being impersonated.
- Keep software updated: Updated browsers and email clients have better phishing detection.
- Trust your instincts: If something feels off or too good to be true, it probably is.
🎯 What to Do If You Fell for a Phishing Scam
If you clicked a phishing link or entered your credentials, act immediately:
- Change your password immediately on the legitimate website
- Enable two-factor authentication if you haven't already
- Check your account activity for unauthorized access
- Notify the real company about the phishing attempt
- Scan your computer for malware with updated antivirus software
- Monitor your credit if you shared financial information
- Report the scam to the FTC at identitytheft.gov