Cyber criminals are known for trying to trick you by creating and sending fake emails that appear to be from an authentic source. Known as a phishing attack, the message might ask you to confirm personal information, click on a link, or open an attachment, but that could lead to identity theft or downloading a virus or malware. Phishing emails are one of the most common online threats. Be aware of the signs and know what to do when you encounter them.

1. The email asks you to confirm personal information.
   Watch out for emails asking you to confirm personal information that you wouldn’t normally provide like your username, password, social security number, date of birth, or bank account information.
2. There are misspellings and poor grammar in the email.
   If you see a lot of misspellings or poor English, that’s a red flag. Many of these emails are written by people who do not speak English as their first language. There’s even reports that scam emails are poorly written on purpose to ensure that they only trick the most gullible targets.
3. The email address doesn’t look genuine.
   A recent phishing email that was impersonating SKT, said it came from SKT and contained the SKT logo, but the email address ended in atcseptic .com. Sometimes phishing emails will even use the company’s name in the email such as @mail.skt.work.
4. It contains links to unexpected websites.
   Check links by hovering over them without clicking. If they look suspicious, don’t click on them.
5. There’s a suspicious attachment.
   If you receive an email from a company that is unexpected and it contains an attachment, verify that the email is legitimate. At a minimum, it’s a good practice to scan it using antivirus software before opening.
6. The message makes you panic.
   The email might claim that you have a deadline before your account is deactivated or locked if you don’t act immediately.

If you think an email looks suspicious, delete it. Don’t open any links or attachments and don’t forward or reply to the email. If you think the email might be genuine, contact the organization directly (not using any contact info in the email) to confirm.