Identifying Phishing Emails

May 5, 2017

Many of us have received multiple phishing emails over the past week. These emails should be deleted. 

MIT IS&T has identified some things to look for to verify if the email is a phishing email, this one hits a few. 

Things to look for to verify if the email is a phishing email:

  • Spelling errors and bad grammar
  • Odd formatting (e.g., incorrect use of capital letters or punctuation)
  • No real person's name included either in the greeting or the signature
  • If a password is being requested, you know the email is not legitimate. No legitimate business will ever request your password. Look at what else is being requested as well (e.g., requesting your sex and country or territory is not a legitimate customer service request)
  • No mention of a phone number to call or person to contact
  • Deleting an account due to lack of response: a legitimate business doesn't follow that kind of practice
  • Includes a hyperlink that has an odd looking URL (for instance with a foreign country as the domain, or trying to match a legitimate web address but spelled differently)