How to Identify a Spam or Phishing Email
There are many indications that an email may not be legitimate. When you receive a potential spam email we suggest checking the following areas before you reply:
- Check the Sender - The message may say the sender's name, but does the email address match? Always look at the complete email address and not just the display name of the email; if an email looks to represent a trusted company (e.g. Microsoft, Amazon, Netflix etc.), check the domain (e.g. gmail.com) and see if it actually is from one of those companies. See the example below:
From: RISD President Office <chiefexecutiveofficer.com00@gmail.com>
Date: Wed, Sep 25, 2019 at 8:35 AM
Subject: Urgency
- Check the Links - Do not click any links or attachments that may originate from a suspicious email, as they can send you to a malicious website that will install malware. Does the URL match the link that was provided? Some web browsers will display the full link address if you hover your cursor over a link. If not, try to copy the URL and paste it in the address of a new tab or window to view the full link address before visiting the site.
- Check the Content - What is the message? What is the Subject? Are there spelling errors or major grammatical errors? Are they asking for personal information like another method of contact or for your username and password? It is important to be suspicious when receiving any emails that ask for personal imformation or place urgency on a request to do something out of the ordinary like make a payment or buy gift cards.
Not sure? We encourage you to forward any suspicious emails to servicedesk@risd.edu for evaluation purposes.
Additional Resources
* Tips gathered from Stay Safe On Line by the National Cyber Security Alliance.