An email from Jeff Bezos gifting you a $100 Amazon gift card just hit your inbox. Although this offer sounds tempting to click on -- be careful -- this is a phishing attempt.
Phishing attempts, similar to the one mentioned above, occur frequently and can be difficult to recognize. Cybercriminals are highly-skilled and can create offers that appear authentic. But remember, if it seems too good to be true, it probably is.
The goal of phishing emails is to steal login credentials. By simply clicking on an email link or attachment, the email installs malicious malware, like the Dridex Trojan, onto the device. This banking trojan steals login information and other important data. In some cases, it may also install a “key logger” -- or a type of software that logs everything a user types.
If you are not sure if an email is legitimate, here are a few things to remember:
- If it seems too good to be true, it is
- Cybercriminals use a sense of urgency to trick users
- Cybercriminals play on a user’s emotions -- in this case a gift offering -- to succeed
Some common phishing email identifiers include:
- Misspelling of words and bad grammar
- The link in the email is different than the website that they are sending you to (Tip: You can hover over a link without clicking to see where the link directs.)
- A sense of urgency
- Your personal information is being requested
- Mentioning you have won or are entitled to money or prizes
- The "reply to" email address is not the same "from" email address
If you believe you have received a phishing email to your work account, please report it using the PhishAlarm button. Instructions for the PhishAlarm can be found here: Phish Alarm Instructions.