Phishing attacks attempt to steal sensitive information through emails, websites, text messages, or other forms of electronic communication that often look to be official communication from legitimate companies or individuals. The information that phishers (as the cybercriminals behind phishing attacks are called) attempt to steal can be usernames and passwords, credit card details, bank account information, or other credentials. Attackers can then use stolen information for malicious purposes, such as hacking, identity theft, or stealing money directly from bank accounts and credit cards. Phishers can also sell the information in cybercriminal underground marketplaces.

Here are several telltale signs of a phishing scam:

  • The links or URLs provided in emails are not pointing to the correct location or are attempting to have you access a third-party site that is not affiliated with the sender of the email. For example, in the image below the URL provided does not match the URL that you will be taken to.

  • There is a request for personal information such as social security numbers or bank or financial information. Official communications won't generally request personal information from you in the form of an email.
  • Items in the email address will be changed so that it is similar enough to a legitimate email address but has added numbers or changed letters.
  • The message is unexpected and unsolicited. If you suddenly receive an email from an entity or a person you rarely deal with, consider this email suspect.
  • The message or the attachment asks you to enable macros, adjust security settings, or install applications. Normal emails will not ask you to do this.
  • The message contains errors. Legitimate corporate messages are less likely to have typographic or grammatical errors or contain wrong information.
  • The sender address does not match the signature on the message itself. For example, an email is purported to be from Mary of Contoso Corp, but the sender address is john@example.com.
  • There are multiple recipients in the “To” field and they appear to be random addresses. Corporate messages are normally sent directly to individual recipients.
  • The greeting on the message itself does not personally address you. Apart from messages that mistakenly address a different person, those that misuse your name or pull your name directly from your email address tend to be malicious.
  • The website looks familiar but there are inconsistencies or things that are not quite right such as outdated logos, typos, or ask users to give additional information that is not asked by legitimate sign-in websites.
  • The page that opens is not a live page but rather an image that is designed to look like the site you are familiar with. A pop-up may appear that requests credentials.


Lynda.com also has a help 5 minute video on recognizing phishing email. That video can be found at this URL - https://www.lynda.com/IT-tutorials/Recognize-phishing-emails/756318/796670-4.html 


Users are able to forward suspicious messages to Microsoft’s Office 365 (O365)’s mail monitoring team directly via the junk@office365.microsoft.com, phish@office365.microsoft.com addresses, and spam@harrisburgu.edu. You can also submit a support ticket about incident.