10 ways to spot a phish

Check the email address in the email header by hovering your mouse over top of the email address. If it’s different from the address that is displayed—the message is probably fraudulent or malicious.

Even though an email might look to be from the University of Victoria or the Computer Help Desk, look closely at the "From" address. If the "From" address looks legitimate, double check the return-to address in the email composition window after clicking "reply." Be aware that from time to time, even UVic email addresses get stolen or compromised. If you receive a suspicious email from someone that you know, you should call them on the phone and verify the legitimacy of the email.

Authentic messages usually don’t have major spelling mistakes or poor grammar.  If it’s written poorly, don’t open it.

Phishing emails that use the UVic logo or other branding images make identifying the legitimacy of the email very difficult. Be sure to check for things like spelling and grammar errors and be wary of emails that aren't addressed to you personally. Phishing messages are generally sent in bulk, so they usually don't contain your first and last name. Just because an email looks like it's from UVic, doesn't mean it is! Double check with the Computer Help Desk if you're unsure.

If you click on a link in an email, be sure to check that the website you end up at is what you expected. In the previous example, the phishing email appeared to link to mail.uvic.ca. However, if you actually clicked on the link, you would be taken to a completely different website address that is unrelated to UVic. Do NOT enter your personal information into a page that has a suspicious website address.

If addressed to a vague “valued customer” or "dear user" it’s probably a phish. Lack of details about the sender or how you can contact them or their company strongly suggests a phish.

Legitimate banks, other companies and UVic will never ask for personal credentials via email and, you should never send it via email for any reason. UVic will never ask you for your password. If you receive this kind of email, delete it right away.

Any email that asks you for money to cover expenses such as taxes or fees is probably a phishing attack or a scam.

If the email looks unfamiliar or is unexpected, don't click on it! Copy and paste the URL into Notepad to determine if the link is legitimate.

Lots of phishing emails try to entice you with offers that are unbelievable. If it sounds too good to be true it probably is.

Any email message that makes unrealistic threats is probably a phish (i.e., companies that threaten with account closure or some sort of loss if you don’t “act immediately”).

If something doesn’t look right it’s a good indication that something is wrong and the email is probably fraudulent. Trust your gut.  When in doubt phone a friend or colleague and ask if they received the same email or contact the Computer Help Desk.

Phishing messages commonly include a link that appears to go to one place (e.g. the university), but actually goes somewhere else (eg. the attacker's site, which is setup to look like a university site. If you hover your mouse over a link, the real destination generally appears in the status bar at the bottom, or in a small tool tip beside the link. If it doesn't match the link text, there's a good chance you've caught a phish.