A phishing website or email is a scam to trick you into revealing personal information by appearing to be from a someone or an organization you know.
Phishing is a game as old as time. Call them hackers, social engineers or bad actors — just new names for the huckster, the hustler, the confidence man. Smooth talkers who manipulate people into parting with their hard earned money, then disappear.
Legitimate agencies rarely ask you to send sensitive information through email or text messages.
It’s probably phishing if:
- There are spelling and grammar mistakes
- The language is urgent or threatening
- The message asks for personal information, such as social security number, bank account number, your mother’s maiden name
- It’s too good to be true
What if I’m unsure about an email?
- When in doubt, delete it.
- Do not reply.
- Do not open any attachment.
- Do not click on any links.
- Hover your cursor over links to see the true address
- If you know the sender, reach out to them by phone or text to ask if this is a valid email
- You can report suspicious emails and phishing scams to your email providers, or to firstname.lastname@example.org
Want some more info? Check out these videos: