Spotting Phishing Emails

Spotting a phishing email is sometimes incredibly easy. The email may be so clumsy that it just contains a handful of misspelled words and link that the criminal hopes you will just click on blindly.

The following tips will help you identify more carefully crafted emails that are harder to spot because they look so real.

Legitimate email won't ask for sensitive information

Banks, stores, credit cards, and Brandeis University all recognize the danger that phishing poses. For that reason, these institutions make it a practice not to ask that sensitive information be sent to them over email.

Therefore, any emails asking you to "update an account" or reset a password by responding to that email with sensitive information should be deleted.

Brandeis University will never ask you to send your password over email or to reactivate your account. Here is an example of a recent phishing email:

Example of a phishing email

Look at the actual email address the message was sent from

Gmail Many phishing attempts rely on the fact that most people do not take the time to check the actual address an email came from. But checking the email address can be the easiest and most effective way to spot a phishing scam. You can easily view the actual email address (as well as any links) from the Gmail interface by clicking the down arrow button (next to the reply button) and selecting "Show original."

This will display the message in its original "raw" form, allowing you to see who actually sent the message and where the links truly take you.

Every email will display the address that the email is sent from. This doesn't just mean the purported name of the sender, but the actual "" address. It is easy to fake the name of the email's sender, it is much harder to fake the address it was sent from.

Always check what email address sent the message before sending a reply or clicking on any links in the message.

Your bank will never send you email correspondence from a Hotmail account, for example. So an email that was sent from very likely could be a phishing attempt.

Example of a phishing email

Generic greetings can indicate phishing attempts

Most major companies that correspond through email (eBay, PayPal, Amazon, etc.) have learned to start legitimate emails by greeting you with your name or some kind of identifying information. Not every email with a generic greeting, such as "Dear User," is a phishing attempt. But a generic greeting it is a great first sign that the email may be fraudulent.

If an email is not addressed specifically to you, but it's asking for specific information about you, check for other telltale signs.

Hover over links

Sometimes a phishing email will ask you to click on a link to provide information, to update an account, or to take you to a particular web page. Sometimes, the link in the email looks correct and legitimate. However, just like it is easy to fake the name of who sent an email, it is easy to make a link look like it's taking you to a safe web site, when really, it's taking you somewhere dangerous.

Most modern email programs and web browsers (for those checking email in a browser) have a feature built-in that allows you to hover over a link to see where it's really going to take you. Simply move your cursor over the link, without clicking on the link, and wait a few seconds. Your email application or your browser will show you where that link will actually take you.

If you don't recognize the web site that a link will actually take you to, inform LTS by forwarding it to

Recognize emails that come from an organization or company you're not affiliated with

If you do not have an account with Wells Fargo, but you receive an email from Wells Fargo asking you to update your account details, it is a safe bet to characterize this email as a phishing attempt. These are usually the easiest phishing attempts for people to spot.