Phishing remains the most popular scam among fraudsters because attacks are relatively easy to execute and tend to be successful, generating billions of dollars each year. By impersonating a renowned and trusted entity, cybercriminals attempt to obtain important personal information, such as accounts numbers, passwords, SSN and credit card information.

Protect yourself by keeping an eye out for these tell-tale signs:

  • The sender: Be weary of emails from unknown senders, and watch for impersonators.
  • The addressees: Review the list of people the email is addressed to, amongst them might be unknown users or ex-employees.
  • The subject: If the subject refers to documents you haven’t requested, like an attachment, it could be a sign something’s wrong.
  • The attachment: ZIP, DOC, XLS, EXE and PDF files are known for being potentially hazardous.
  • The greeting: The greeting tends to be generic such as “Dear Customer” or “Dear Business Associate.”
  • The body of the message: If the message is asking for personal information or inappropriate details, it’s definitely a red flag.
    • The message may come with instructions to open an attachment or follow a link to login with your password.
    • Keep an eye out for poor grammar and spelling.
    • The tonality of the email may change.
  • The Link: Be careful of all links. Verify the URL by hovering your mouse over it and making sure the hyperlink matches the original URL name. Better yet, type the URL of the company you do business with into your browser and make it a habit to never click on links in emails, unless you verify its authenticity.

It’s easy to rush through the content of an email, especially on a hectic work day, so it becomes vital that you keep these tips in mind.

  • Always be suspicious
  • Install a browser plug-in, like McAfee SiteAdvisor to help identify risks.
  • Adjust your email settings to filter senders.
  • In the event that you are targeted, report the email to the FTC.
  • Remember that no U.S. government agency will use email to initiate contact.

Having security awareness training helps you be prepared. For more security tips, visit