For in-depth information on phishing (including illustrated examples, tips, articles, and phishing quizzes), visit the UA Info Security Phishing page:
If you need help deciding whether an email message is a phish:
In general, if an email seems phishy, it probably is. When in doubt:
- Contact the sender (via phone or in a separate email or in person) to determine if the message is legit.
- Check the UA Phishing Alerts page: https://security.arizona.edu/phishing_alerts .
- Forward the message to your systems staff (LPL Systems, PIRL Sys, or OREX SA's) for evaluation.
Here are six characteristics of phishing emails. Watch for them!
- The email message is poorly written.
Poor grammar, spelling mistakes, and odd turns of phrase are telltale signs of phishing. If you receive an unexpected email from an institution, and it is filled with mistakes, it is probably a phishing attempt.
- The sender's email address looks phishy.
Phishing emails can come from an address that may look genuine. So take a moment to examine the From-address closely; don’t just check the name of the sender. Check the email address by hovering your cursor over it. Make sure no alterations (like extra numbers or letters) have been made.
- The message has a suspicious attachment.
Unsolicited emails that contain attachments are often phishing attempts. If you receive an email from an institution out of the blue that contains an attachment, especially if it relates to something unexpected, your phishing alarm should start ringing.
- The message is designed to make you panic.
Phishing emails are designed to create a false sense of urgency. A standard ploy is to claim that your account has been compromised or will be closed if you do not act immediately. Take the time to really think about whether the email is asking something reasonable of you. If you’re unsure, contact the sender through other methods. Slow down and be cautious.
- The email asks you to provide personal information.
If you receive an unsolicited email from an institution that asks you to provide sensitive information (like passwords, account numbers, social security numbers), it’s a scam. Legit institutions don't do this.
- The email contains web addresses that do not look genuine.
Before clicking on any web links in an email message, hover over and inspect each one first. If the link in the text isn't identical to the URL displayed as the cursor hovers over the link, it's malicious. If a hyperlink’s URL doesn’t seem correct, or doesn’t match the context of the email, don’t click on it. When in doubt, don't touch it.