How to identity phishing attempts...

Description

This article is on how to identity what a phishing attempt is

Example

Subject: We have temporarily restricted your online account access. 
Date: 04 Dec 2014 13:40:22 -0500 
From: Wells Fargo <no-reply@wfarg.com> 
 Reply-To: noreply@wfarg.com 
 To: undisclosed-recipients:; 


*Your account has been temporarily limited. * 

 To restore your online account access, please 
 confirm your details on file with us. 

 For confirmation, please click the link below: 

 Sign On to Wells Fargo account <http://mhgmichigan.com/we/> 


 We apologise for any inconvenience caused. 
 Thank you. 

 © 1999 - 2014 Wells Fargo. All rights reserved. NMLSR ID 399801

What to look for...

Most phishing attempts often have the noticeable flaws that give it away.

• The recipient (To:) does not have your actual e-mail address. While this example has undisclosed recipients as a means of a BCC method of delivery, some phishing methods are not as smart to avoid this
• The sender (From:) comes from a weird domain. In this example, wfarg.com is NOT an actually a wellsfargo domain, it belongs to someone else. (You can use http://whois.domaintools.com/ to look up domains and who owns them)
• Any links on the message will not go to the company's site in question. The link in this example is going to http://mhgmichigan.com/we, which is definitely not a Wells Fargo website.
• Does it actually have any information you recognize? Most phishers have no idea of any of your actual information.  As you can see here in this example, no real information is put in here, not even a Name or the last 4 digits of the account.  While this is meant to be a generic message, a generic message telling you your account is suspended is often a fake message.  Most businesses will help you identify, properly, who they are trying to contact, and to go one step further, use a part of actual information, such as the last 4 digits of your account, to help make sure this is you and them talking.
• Is it too good/bad to be true? Another common phishing method is the 'Nigerian Prince' scam or 'I need help' scam.  Where they want personal information or bank information to route money to you or get money from you to bail them out.

For more information, please refer to UC Santa Barbara IT - Identify Phishing Scams.

What you can do to protect yourself...

• Question everything. As mentioned above, Phishers send mail to get your information.  With that in mind, they have nothing on you short of a very few things.
• Don't click on the link!  If you feel it is a valid communication, don't click the link.  Go through the main site or better yet, call them using the phone number on their main website.
• Can you find it on Google?  Believe it or not, some of these phishing scams, like the 'Nigerian Prince', almost word for word or a variation of the letter can be found on Google and reported as a scam.
• Keep Calm and Think it through. As scary as having an account shut off...  It isn't the end of the world.  A lot of phishing attempts trick people into 'freaking out' because it relates to something, like money or the law or something important to you.  The best way to protect yourself is to remain calm, don't instantly react to the email.  As above, question everything about it, even try using Google on part of it, often times you will see several articles saying it is fake.

Should I report this?

For all intents and purposes, yes.

You can follow the guide on how listed here:

How should I report a phishing attempt?

Please also refer to Report Harassing or Unwanted Email on reporting phishing attempts.

Related articles

• Page:
  Can I keep my email address after I graduate? (Alumni Mail)
• Page:
  Securing a computer on Campus
• Page:
  I created an @<department>.ucsb.edu account, but it shows up as @ucsb.edu...
• Page:
  Securing Linux Computer
• Page:
  What should I set as my incoming and outgoing mail server in my email client configuration?