What Is Phishing?
Phishing is when criminals send fake emails, texts, or messages that look like they come from trusted companies. Their goal is to trick you into clicking a link, downloading a file, or sharing personal information like passwords and credit card numbers.
Red Flags That Reveal a Phishing Email
- Urgency or threats: "Your account will be closed in 24 hours" or "Immediate action required"
- Generic greetings: "Dear Customer" or "Dear User" instead of your actual name
- Suspicious sender address: Check the actual email address, not just the display name. Look for misspellings like "[email protected]"
- Unexpected attachments: Legitimate companies rarely send unexpected attachments
- Mismatched links: Hover over links to see where they actually go. The URL might not match the company it claims to be
- Poor grammar and spelling: Many phishing emails contain obvious errors
- Requests for personal information: Real companies never ask for passwords, PINs, or full Social Security numbers via email
Real Examples of Phishing Emails
Fake PayPal Alert
"Your PayPal account has been limited. Click here to restore access." The link leads to a fake website that looks identical to PayPal but steals your login credentials.
Fake Bank Notice
"We detected unusual activity on your account. Verify your identity now." This creates panic and pushes you to click without thinking.
Fake Package Delivery
"Your package could not be delivered. Click to reschedule." These spike during holiday shopping seasons.
How to Protect Yourself
- Never click links in unexpected emails. Go directly to the company website by typing the address yourself
- Check the sender email address carefully
- When in doubt, call the company directly using a number from their official website
- Use email filtering and spam protection
- Keep your browser and antivirus software up to date
- Enable two-factor authentication on all accounts