‘Phishing’ or email spoofing is a way for an attacker to fool you into thinking that your password needs to be reset, or convincing you to open an attachment. This attack vector is used in many ways; a bank asking you to reset your password, bitcoin exchanges sending password reset requests, etc… the internet can be a dangerous place.
It’s important to make sure when communicating with someone online that you are communicating with the real person or organization. You can spot a phishing email if it has one of the following tell-tale signs;
- Emails with Bad Grammar and Spelling Mistakes.
- Emails with an Unfamiliar Greeting or Salutation.
- Inconsistencies in Email Addresses, Links & Domain Names.
- Suspicious Attachments.
- Emails Requesting Login Credentials, Payment Information or Sensitive Data.
- Too Good to Be True Emails.
If you receive offensive, abusive or potentially phishing email — you should save the message (do not email it to others) and contact your supervisor or IT support. You may be asked to provide a copy of the message to help authorities with any subsequent investigation, which is why you should not delete it unless told to do so.