Phishing is fraudulent scheme that scammers use to obtain personal information, such as account numbers, passwords, and banking information. Scammers take this information to access important accounts, commit identity theft or steal from bank accounts. Phishing is usually done through scam email or text messages, and over 150 million scams are sent globally per day.

How to Detect Phishing

Although our spam filters catch around 90% of messages, that still leaves a 10% risk of phishing. This which leads to the question, how do you detect a fake email? Many email scams pretend to be a company, someone you know or do business with. Often these messages have spelling errors, attachments or a sense of urgency. Other red flags to detect a phishing email or text message include:
• The sender asks you to click on a link to make a payment, claim a prize, or confirm information.
• The sender says they noticed suspicious activity or log in attempts.
• The subject line and message do not relate to one another.
• The message has grammatical errors, is out of the ordinary or sent at a random time.

What to do if you Suspect Phishing

If you receive a message with any red flags or suspect it to be a fraud, do not click on any links. In some cases, even clicking on the message can give information access to the scammer. If the email is suspicious and claiming to be from someone you know, do not directly reply to the sender. Instead, create a new message to the person you are familiar with asking if they sent the email. Do not click on any links or attachment in the text message or email. Instead, hover over the email link and look for random numbers or letters that may look odd or suspicious. Finally, delete all messages that are suspicious. Deleting the message will ensure that you do not accidentally click a link or respond.

Report Email Scams

If you received or think you received a phishing email or text message, report it to your company, email provider, a government body, or the organization the message was allegedly from. Ways to report phishing:
• Many companies have a policy when it comes to phishing emails. If you are unsure what this policy is, ask your IT team before you receive a potentially harmful email.
• Most email providers have a place on their website to report phishing. When users report phishing or spam, providers can adjust accordingly to update spam/junk folder filters.
• The government has a place to report phishing as well. The Cybersecurity & Infrastructure Security Agency (CISA) helps protect victims of phishing and prevent it from happening. To report a phishing email to CISA, you can forward the email to phishing-report@us-cert.gov.
• If the scammer is pretending to be an organization, you can often report the email to that organization. Many companies have a place on their website to report a phishing email or message.
Phishing messages are sent every day, at all times of the day. Although your spam folder may catch most of them, many still come through. Phishing can cause the loss of personal information or identity theft, so it is important to understand the red flags and know what to do if you receive one of these messages.

https://www.consumer.ftc.gov/articles/how-recognize-and-avoid-phishing-scams
https://www.phishing.org/what-is-phishing
https://us-cert.cisa.gov/report-phishing
https://www.howtogeek.com/437513/what-should-you-do-if-you-receive-a-phishing-email/