Phishing is a name derived from the word “fishing”.  Phishing is a type of online scam where attackers deceive people into revealing sensitive information or installing viruses or malware. It typically involves baiting Internet users through deceptive email messages that include links or attachments. As part of their scam, they often incorporate bogus web pages that are designed to look authentic.  They do this to get you to divulge personal or confidential information, which can then be used illicitly.

Often these e-mails look perfectly legitimate and incorporate a PDF (scanned document) or a UPS or FedEx tracking number, bank letter, Facebook alert, bank notification, etc. That’s what makes these so dangerous – they look like legitimate e-mail messages.

A common phishing scam involves sending emails that appear to come from banks, requesting recipients to verify their accounts by typing personal details, (such as credit card information), into a website that has been disguised to look like the real thing.

So… how can you tell a phishing e-mail from a legitimate message? Here are a few telltale signs:

Check the Sender

First, double-check the sender’s e-mail address. You might discover that the e-mail address has nothing to do with the company being represented.  Sometimes it’s a close variation of the company email, and sometimes it’s obviously false.  Be cautious, since some scammers use hijacked email accounts to make them appear more authentic, and it may even be coming from a friend’s hacked email account or from a business account.

Check the URL

Hover over the URL in the e-mail (but DO NOT CLICK!) to see the ACTUAL website you’ll be directed to. If there’s a mismatched or suspicious URL, report the email and delete it immediately.

Go to the Site Directly
If you’re still unsure, simply go directly to the site the email is referring you to, (typing it into your browser), rather than clicking on the link.

Other Clues

Other telltale signs of a phishing email are poor grammar and spelling errors.  Many of these emails are created offshore by people that do not have a full command of the English language.  They message may also contain overly alarming or urgent messages, such as: “you must verify your account or all services will be suspended”, or “you must update your password immediately”.


There are many forms of phishing, and as variants include very targeted attacks called “spear phishing”.  There are even attacks using text messages, called “smishing”.

Be Safe Online

There are plenty of scammers out there, and they keep coming up with new tricks to bait users into divulging sensitive information or compromising their files.  Only use trusted sites, always be wary of any electronic messages that seem out of place, and take precautions to help safeguard your computer and personal/financial accounts.