link to content
Essentials at NC State Home
skip header navigation and go to content Help | ResNet | Computing@NC State | For OIT Staff | Publications | Search NC State | Feedback | Site Map
jump to content; left navigation begins
your unity account
antivirus and security
 » Free antivirus
    software and virus
    alerts
    » Updating your virus
    definitions
 » Security
    » Identity theft
    » Internet Fraud
    » Internet voice (VoIP)
       vulnerabilities
    » OIT Security
      Services
    » Phishing
    » ResNet Security
    » Rules & regulations
    » Safe computing
    » Software for
       erasing hard
       drives
    » Spyware
    » Viruses and similar
       threats
    » Vishing
email and messaging
connections and labs
your computer
software at nc state
files
web pages
education and training
publications
other resources
troubleshooting
ITD Sections

Home » Antivirus & Security » Phishing » How can I recognize a phishing email?

How can I recognize a phishing email?

  • Check for personalization.
    Phisher emails are typically not personalized, while valid messages from your bank or e-commerce company generally are.
  • Look for urgency.
    If the message urges you to take an action right away or suggests dire consequences if you don't, it's probably a phishing attempt.
  • Examine images and company logos carefully.
    The more sophisticated phishing emails will often contain logos or images that have been stolen from the Web site of the legitimate company or faked to look like the real thing. Or the email itself may look like a Web site.
  • Verify a company's contact information.
    A URL or link in a phishing email may contain a familiar company's name and appear to be legitimate. To make sure you are contacting that company, use the telephone or go to its Web site another way (e.g., by typing its legitimate address in your browser or selecting it from your browser's bookmarks). If you don't know the address, use a search engine to find the company's Web site.
  • Check the "From:" field in a suspicious email.
    The information in the "From" field of an email can be falsified. (We're not going to tell you how, but it can be done in seconds). Look carefully and compare the real one with the one in the email. If there are any differences, be wary.
  • Pay attention to spelling and grammar.
    Misspelling and poor syntax are typical of many phishing emails. Some appear to have been crudely translated from a foreign language. In addition, phishers often use intentional misspellings or substitutions of symbols for certain letters of the alphabet in an attempt to avoid spam filters.
  • Beware of pop-up forms.
    If a pop-up box appears in an email and asks you to enter information, it is likely to be a phishing attempt. Pop-up boxes are not a secure means to transmit information.
  • Be cautious about attachments.
    A phishing email may also include an attachment that could contain spyware or some other electronic threat. Never open an attachment, even from someone you know, unless you've verified that it's safe.

Content last updated May 3, 2005 by dlschmid
Page last modified June 24, 2005 by cawalker

jump back to content/page ends, begin footer
jump to content
jump to content Go to page top Page Top | Site Map | OIT | Policy Disclaimer | Site Survey