What is a Phishing Email?

Phishing emails are a common form of Social Engineering utilized by cybercriminals to trick you into handing over personal information about yourself or sensitive information about your company. These phishing emails are designed to look like legitimate emails from a business or colleague, but in fact, they are from bad actors trying to get you to perform an action like clicking a link, giving away your password or downloading an attachment that infects your computer with a virus, malware or even ransomware.

5 Ways to Identify a Phishing Email

Despite posing and looking like a legitimate email, there are always a few key giveaways that a trained eye can spot to help identify a phishing email.

1. Personal Information

A phishing email will ask for personal information, requiring you to go to a website, reply to the email or otherwise respond to an email by providing this personal information. Anytime an email asks you for personal information, this should immediately raise suspicion.

2. Poor Grammar

Keep an eye out for spelling errors or poor grammar in an email. If an email sounds titled or uses odd phrasing, this should raise a red flag. Legitimate emails come from marketing departments trained in communication.

Does the email address you by name or in a generic way, such as Dear Customer or Account Holder? Legitimate emails will often address you by your name.

3. Suspicious Attachments

If you receive an email from a company or person with an attachment, the threat level should immediately be raised to high, especially if the email came out of the blue. This attachment is likely to be a malicious trojan virus that will attempt to install malware or ransomware on your computer.

4. Panic Content

Many phishing emails require you to take immediate action. These emails are trying to get you to act rapidly instead of rationally. This tactic increases the cybercriminals' success of duping their victim.

5. Call to Action

In order for a phishing email to work, you must respond to the email and perform the steps laid out by the bad actor. Restore your account, protect your security or update your password are all common “Calls to Action” that a bad actor might use to deceive their victim. If an email contains a "Call to Action" asking you to immediately respond to the email, it should raise a flag.

What Should You Do if You Have Received a Phishing Email?

1. Don't panic.
2. Don't click on any links or attachments.
3. Check with the alleged sender by picking up the phone and calling them.
4. Report the email to your company.
5. Mark the sender as junk or spam.
6. Delete the email.