Recognizing Phishing Attempts

November 3, 2011


While the Nigerian Scam has become a running joke, phishing attacks are constantly evolving. Recently we have seen some attacks centered around the upcoming 2012 election. As with any scam, the best defense is good security practice and the maxim, “If it sounds too good to be true, it probably is.”

What is Phishing?

Phishing is an attempt to acquire sensitive information (e.g. login credentials) by impersonating a trusted source through email or other forms of electronic communication. Generally, the communications purport to be from a legitimate website such as Facebook or Google and they attempt to lure the targeted recipients into divulging the sensitive information either through email or through a fake website.

Best practices for avoiding phishing scams

To avoid becoming a victim of a phishing scam, be sure to follow these general security best practices:

  1. Do not reply to emails or pop-up messages asking for personal, financial, or login information.
  2. Do not email personal, financial, or login information.
  3. Exercise caution when following a link in an unsolicited email. Check the URL to ensure it is the address it appears to be.

For further tips on avoiding phishing scams, visit: