Skip to main content

Online Privacy and Your Digital Footprint: Emails

Phishing and other email scams

When scammers use an email message (sometimes also copycat websites) to fraudulently get access to your personal information, it's called phishing. They may use that information to get access to your computer or to your accounts, to steal your money, identity, and/or other data. A common trick is to ask you to verify your information for some reason, maybe by clicking on a link to open a web form. Another  frequently-used scam is to ask you to "click here to download" a picture or a file, which puts malware on your device.

Phishing clues:

  • Message is from someone or some organization you don't know; or if it is from an organization you know, the message comes as a surprise.
  • Sender is trying to scare you to "act now" or something bad will happen.
  • Message asks for personal information details over the web - if that message was really from your bank, your school,  or from a government agency, that request would be made in a more secure manner. 
  • Message claims to be from one source, but when you look at the email address or any weblinks, they actually come from (or link to) a different address. If you can't tell for certain, contact that source (your bank, your school, or the government office) directly using an address or phone number you already have, or an existing account that you have bookmarked.

Protect yourself:

Best practices to avoid phishing scams:

  • Don't click on any embedded links in an email message from someone you don't know.
  • Don't click on any embedded links in an email message that seems strange, coming from someone you do know (like an email from your uncle that just reads "look at this!").
  • Check to make sure that any emergency message actually comes from the sender it claims.
  • Don't enter identity details (your password, your complete Social Security number, or other confidential personal information) unless you've already used a password to log into an account you set up with that source. Be suspicious of requests to enter personal information on an open web form.

Image: How to Spot a Phish Infographic