Phishing is a common form of social engineering that lets cyber criminals create and send fake emails to trick individuals into sharing personal account information or opening malicious attachments that could infect your computer or smart phone. These fake emails typically appear as if they came from an authentic source, such as a business or from a colleague. Many people fall victim to these attacks, so it’s important to recognize ways of indicating whether the email is real or if it’s an attempt to attain personal information:

1.      The Message Asks for Personal Information

These emails often incite fear and anxiety in order to get personal information. An example would be an authentic-looking email from your bank confirming your social security number or login credentials with them or they will close your account. These institutions generally do not use email as a way of communicating this information. Another example would be from a supposed relative asking for money and needing your bank information todo so.


2.      The Message Does Not Look Genuine

Professional emails tend to have well-constructed messages, complete with correct headers, footers, logos &banners, email addresses, and without any spelling and grammatical errors. Be cautious, but check for these things throughout the email. Does the header look differently from previous emails? Are there a lot of misspellings or grammatical errors, such as “their” instead of “there”?

Check the email address of the sender. Hackers will attempt to mask their true email addresses or use a similar looking address. For example, FSB emails end in; if you see any variation of this, such as, this is incorrect. Try hovering your mouse over the sender’s email address (but do not click on it), and it will show the true email address. If these two do not match, it is likely not a legitimate email.

Do some research if you’re suspicious; search the web and verify that the sender comes from a legitimate company.


3.      There are Suspicious Attachments

If there’s an attachment or link from a suspicious email, you should not click on it at all. By clicking on the attachment or link, you allow a malicious URL to install a virus into your device. Use antivirus software to scan these items first before opening them.

Most importantly: do not reply to emails or click on any links if it seems suspicious. If you have any feeling that an email may be genuine, contact the institution or individual directly and verify that this email was real or fake.

Sometimes we all make mistakes – if you think you may have given out personal account information on accident, contact the bank immediately and pay close attention to all of your accounts.

This blog is intended to be an informational resource for readers. The views expressed on this blog are those of the bloggers, and not necessarily those of FSB. This blog does not provide legal, financial, accounting or tax advice. The content on this blog is "as is" and carries no warranties. FSB does not warrant or guarantee the accuracy, reliability, and completeness of the content on this blog.