What Phishing Looks Like

Phishing is one of the most common forms of cybercrime. Attackers impersonate trusted companies, banks, or even people you know to trick you into revealing sensitive information like passwords, credit card numbers, or Social Security details. Recognizing the warning signs is the first step in protecting yourself.

Suspicious Emails

Phishing emails often look official but contain subtle errors. Look for:

• Misspellings in the sender’s address (e.g., support@paypa1.com instead of support@paypal.com).
• Urgent subject lines like “Your account will be closed!”.
• Unexpected attachments or links asking you to log in.

Fake Login Pages

Many phishing campaigns direct you to a website that looks like your bank, email provider, or workplace portal. Always check:

• The URL — attackers may use domains like secure-bank-login.com instead of your bank’s official site.
• If the site lacks HTTPS (padlock symbol), it’s unsafe.
• Unusual requests for personal details (e.g., PIN or full SSN).

Text Messages & Phone Calls

Phishing isn’t limited to email. Attackers also send SMS messages (“smishing”) or make calls (“vishing”) pretending to be from a trusted source:

• Texts claiming a package is waiting for you, with a suspicious link.
• Calls impersonating IRS agents or bank employees demanding payment or information.
• Messages with shortened links (like bit.ly) leading to fake websites.

How to Protect Yourself

• Never click links or download attachments from unknown sources.
• Verify sender details before responding to any suspicious request.
• Type website addresses manually instead of clicking links.
• Use multi-factor authentication (MFA) wherever possible.
• Report phishing attempts to your IT department or email provider.

Remember: legitimate organizations will never ask for your password, PIN, or full Social Security number via email or text.