What is Phishing?
Phishing is a kind of cyber attack in which an attacker tries to get sensitive information from you by disguising as someone else. A phishing attack can be carried out via email, through a text message, or via phone. The attacker can pretend to be your bank or a company you are familiar with, such as Google or Microsoft. By pretending to be a legitimate person or entity, the attacker tries to lure you into revealing sensitive data such as usernames, passwords, and credit card info.
How to spot and avoid phishing emails:
Scammers will pretend to be a company you may know. However, the sender address will be different. For example, instead of dropbox.com they could be using dr0pbox.com or dropbox.offers4me.com
If the email seems to be coming from a trusted source, hover over the link and verify that the domain matches who it should be. If it’s an email regarding an account you have, you can simply go to that website in your browser. If the alert was real, it’ll be there too when you login.
If you’re not sure what to do with a suspicious email, the best thing is to just delete it. Consult with IT staff to inquire about its validity.