Definition
💡 A phishing email is an email that’s made to look like it comes from a legitimate and trusted source. When a user opens this type of email, they’ll be taken to a bogus website where they’ll be asked to share sensitive information.
Example: What does a phishing email look like?
Phishing emails look like regular email messages. They can have several versions, but they share common signs like:
- Spelling or grammar mistakes
- Threatening messages or messages with a sense of urgency
- Suspicious or inconsistent email addresses or domain names
What does a phishing email try to do?
Phishing emails trick individuals into sharing sensitive information such as passwords or personal details. The scammer will then use the information to:
- Open new bank accounts
- Invade the user’s accounts
- Sell stolen information to other scammers
- Commit other fraudulent activities
Users may also be asked to perform actions like resetting their passwords or downloading a program, which is actually malware.
How to identify a phishing email
Phishing emails are becoming more sophisticated and harder to detect. Here are some tips to help you recognize one:
- Check the elements of the message like its domain, misspellings, or grammatical errors.
- See if it comes with suspicious attachments, such as files with extensions like .exe or .zip.
- Check whether the email comes from an unknown sender or is part of a conversation you didn’t start.
- Notice whether it asks for your credentials or personal details.
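The checks in the list above can be run automatically over a saved message. The following Python is an added example, not code from this page or from Clean Email; the word lists, the trusted-domain set, the Reply-To comparison and the sample message are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

RISKY_EXTENSIONS = (".exe", ".zip")  # extensions named in the tips above
URGENCY = re.compile(r"urgent|immediately|suspended|within 24 hours", re.I)  # assumed
CREDENTIALS = re.compile(r"password|credentials|card number", re.I)  # assumed

def domain_of(header_value):
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def phishing_signs(raw_message, trusted_domains):
    """Map each warning sign found in raw_message to the detail that triggered it."""
    msg = message_from_string(raw_message)
    signs, text = {}, [msg["Subject"] or ""]
    sender, reply_to = domain_of(msg["From"]), domain_of(msg["Reply-To"])
    if sender not in trusted_domains:
        signs["unknown_sender_domain"] = sender
    if reply_to and reply_to != sender:  # assumed reading of "inconsistent addresses"
        signs["reply_to_mismatch"] = reply_to
    for part in msg.walk():
        name = part.get_filename()
        if name and name.lower().endswith(RISKY_EXTENSIONS):
            signs["risky_attachment"] = name
        elif not name and part.get_content_type() == "text/plain":
            text.append(part.get_payload(decode=True).decode(errors="replace"))
    for sign, pattern in (("urgency", URGENCY), ("asks_for_credentials", CREDENTIALS)):
        match = pattern.search("\n".join(text))
        if match:
            signs[sign] = match.group(0)
    return signs

# Constructed sample message for illustration; every address and domain is a placeholder.
SAMPLE = """\
From: "Example Bank Support" <support@examp1e-bank.test>
Reply-To: collect@mailbox.test
Subject: Urgent: your account is suspended
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

Your account will be closed within 24 hours. Confirm your password now.
--b1
Content-Disposition: attachment; filename="invoice.zip"

placeholder attachment content
--b1--
"""
```

Calling `phishing_signs(SAMPLE, {"example-bank.test"})` reports all five signs for the constructed message; a hit is a reason to look closer, not proof of phishing.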
What happens if you open a phishing email?
If you opened a fraudulent email, scammers may get information like your IP address or general location. Remember not to interact with the message’s contents:
- Don’t download any attachments or click dubious links.
- Don’t reply to the message.
- Report the email and delete it afterward.
Frequently Asked Questions:
Is it safe to read phishing emails?
Opening a suspicious email is usually harmless. The risk comes from downloading any malicious files or attachments.
Yes, if your email client allows scripting, opening a message can potentially give you a virus.
Sometimes, cybercriminals can tell if you've opened a spam email. It's best to delete it without opening it to avoid being targeted for more spam.
How to report a phishing email
Before filing a report, make sure you’ve correctly identified the message as a phishing attack. Below are several ways to report it:
- Report deceptive spam messages to the Federal Trade Commission
- File a spoofing or phishing attempt report with the FBI’s Internet Crime Complaint Center
Gmail offers the option to report phishing by opening the email:
- Open the suspicious message.
- Click the three-dot icon (More) beside the reply button.
- Select Report phishing (fishing hook icon).
⚠️ However, Clean Email takes care of your security. We don't recommend opening suspicious emails. Instead, mark the email as spam without opening it.
- Select the message(s) you want to report.
- Then click the Spam button (exclamation mark) at the top.
If you’re using Outlook.com:
- Select the message you want to report from your message list.
- Go to your reading pane. Click Report → Report junk.