You clicked a
phishing email

Phishing emails are designed to trick you into revealing sensitive information, downloading malware, or taking actions that compromise security. Attackers use urgency, fear, and social engineering to bypass your natural defenses.

How to spot phishing emails
  1. 1 Check the sender address carefully. Look for misspellings, unusual domains, or addresses that don't match the claimed sender. Legitimate companies use their official domain names.
  2. 2 Be wary of urgent or threatening language. Phishers create urgency ("Your account will be closed!") or fear ("Immediate action required!") to make you act without thinking.
  3. 3 Hover over links before clicking. Check the actual URL destination. If it doesn't match the claimed website or looks suspicious, don't click. When in doubt, type the website address directly into your browser.
  4. 4 Look for poor grammar and spelling. While some phishing emails are well-written, many contain errors that legitimate companies wouldn't make.
  5. 5 Verify unexpected requests independently. If you receive an unexpected request for information or action, contact the company directly using a phone number or email address you know is legitimate.

Attackers use various techniques to make their emails appear legitimate:

  • Fake invoices & receipts: Emails claiming you've been charged for something, hoping you'll click to "dispute" the charge and enter credentials.
  • Account verification requests: Fake emails from banks, cloud services, or social media asking you to "verify" your account by clicking a link.
  • Package delivery notifications: Fake shipping confirmations or delivery problems that trick you into clicking malicious links or downloading malware.
  • CEO/executive impersonation: Emails appearing to come from company leadership requesting urgent wire transfers, gift card purchases, or sensitive data.
  • Credential harvesting: Fake login pages that look identical to real services, designed to steal your username and password.
  • Malware attachments: Emails with infected PDFs, Word documents, or ZIP files that install malware when opened.