Ten Tips to Detecting a Phish

Phishing

Using email or social skills (social networking) to trick you into providing personal financial (credit card) information or to gain access to passwords, account names, or email addresses.

If you think you have received an email that you think is a “phish”, the tips below can keep you from taking the bait and getting hooked.

Receiving the Email

  1. Know the online companies you deal with.  When a suspicious email arrives in your inbox - THINK: it could be fraud, it's definitely spam, and it's not for you.  Delete it!
  2. Look carefully at the subject line.  Example: Chase Bank will never send you an email headed "_ChaseBank_account_update ACT-NOW".  These messages may sneak through your spam filters because they appear to come from a reputable source, but that doesn't mean it's really from Chase Bank.

Looking at the Email

  1. Understand how the companies you deal with want to interact with you.  For example, banks usually want you to access your account through their website - not an email link.  "Phishing" emails stand out because they don't follow the rules.
  2. Practice safe browsing. Open a new browser window each time you log on to a website that displays personal information.  When you are done, log out and close that browser window.
  3. Be sure to thoroughly read emails that say they are from companies you know.  Watch for spelling and grammatical errors.  Sometimes a real email will have an occasional spelling or grammatical error, but anything more than one is suspicious.
  4. Hover over the links with your mouse and verify them.  In some email systems, you can scroll over the different links in an email and see the actual contents of the link.  If the email says PayPal, but the link says "www.paipall.com", be careful.  And note: URLs can be disguised - so don't take a suspect link at face value.  You can also Google and compare.
  5. Never enter your personal or credit information into a form in an email.  If you feel the email is legitimate, visit their website and log in or call the company directly to provide the requested information.  Don't click on the link!
  6. Most "phishing" emails are not personalized.  Expect good customer service from your online providers.  Unless your name is "eBay User" or "Friends", if you receive a "Dear Customer" email, it may be time to move on.

Stay on Guard

  1. Read your bank statements - every one, every month to ensure your charges and debits are correct.  Stay vigilant and report any suspicious activity immediately.
  2. Use and maintain your email protection software for spam blocking, fraud blocking, and anti-virus.
Translate

Weber State University

Ogden, Utah 84408