🎣How to spot a Phish
Information on the best way to determine if the email you received is a phishing email
Understanding Phishing
Phishing is a deceptive practice where fraudsters send emails or messages that appear to be from reputable sources. The aim is to trick individuals into revealing personal information, such as passwords and credit card numbers.
How Phishing Works
Phishing attempts usually involve the fraudster posing as a trustworthy entity. The target receives a message that prompts them to take an action, such as clicking a link or providing sensitive information, often leading to identity theft or financial loss.
Common Types of Phishing Attacks
Email Phishing: The most common form, where emails are sent to many individuals with the intent to scam unsuspecting victims.
Spear Phishing: More targeted, where specific individuals or companies are chosen due to their access to sensitive information.
Whaling: A type of spear phishing that targets high-profile individuals like executives.
Smishing and Vishing: Phishing conducted through SMS text messages (smishing) or phone calls (vishing).
3 ways to spot a Phishing email
1. Check the Sender's Email Address
Examine the sender's email address carefully. Phishing emails often come from addresses that appear legitimate at first glance but may have subtle misspellings or use a different domain.
For example: [email protected] is not the same as [email protected]

2. Is it real?
If the service or request is unfamiliar to you but it's asking you to click a link or provide payment or information, or if the message is too good to be true, it is likely phishing. For example, if you receive an email supposedly from Zoom but you do not use Zoom, it's phishing.

3. Be Wary of Unsolicited Attachments or Links
Be cautious if the email encourages you to download an attachment or click on a link, especially if it creates a sense of urgency or invokes fear. Verify the legitimacy of the email before taking any action.

What to do if you suspect an email you received is phishing
If you suspect the email might be legitimate, but you were not expecting it, contact the sender via phone/in person. This will give you the most accurate information. If you suspect it is phishing, you can report it using Outlook.
More information: https://support.microsoft.com/en-us/windows/protect-yourself-from-phishing-0c7ea947-ba98-3bd9-7184-430e1f860a44
Last updated
Was this helpful?