What are phishing emails? How can I tell if an email is legitimate?
A phishing email is an attempt to “fish” for personal or account information through the fraudulent impersonation of a legitimate service or entity. Quite often, this will take the form of a counterfeit email message requesting confirmation of information such as:
- Account names and passwords
- Personally identifying information
- Payment information
Frequently, the sender will utilize scare tactics to extract the information – for instance, the message may claim that if the requested information is not provided, your services will be deactivated or, ironically, that the request is to prevent potential fraudulent account activity. Here is an example of a phishing email purporting to be from Bruce Telecom:
There are several characteristics of this example that can be used to identify a phishing message. While the senders address in this case has been omitted, it was not a Bruce Telecom email address. Additionally, there are grammatical errors and logical inconsistencies. For instance, the email claims that incoming mail has been placed on hold due to the account requiring activation – yet the email message is being sent to the same address they claim cannot currently receive mail.
Perhaps most importantly towards identifying phishing emails purported to be from Bruce Telecom:
Bruce Telecom will never request your account number or password via email. Any important account changes or communication will occur over the phone or in person. If you are unsure of the legitimacy of any communication you receive from Bruce Telecom, never hesitate to call us, or call us back to verify the information.