How do I determine if a message is phishing?
Practice HOVER
Hover to Discover
Hover the mouse cursor over a link, without clicking, to see where it leads.
- Look for discrepancies.
- Look for unusual sites.
- Compare message context (sender) to website.
- Gain awareness by doing this every time.
Observe Context
Look for red flags:
- Bad grammar or spelling.
- Out-of-character content.
- Urgency.
- Action required to avoid negative consequences.
- Do you know why you are receiving the email?
- Is the sender requesting that you take some action?
- Are there attachments or links?
Verify Sender
- Identify different parts of email address.
- Is there a mismatch?
- Do you know the sender?
- Do you normally receive emails from this person?
Educate
- Educate yourself by taking training modules in COMPASS
- Learn preferred way to report suspicious emails.
- Learn the difference between spam and phishing.
- Learn the dangerous email actions.
- Refer to “Social Engineering Red Flags” handout.
Report
