Privacy and Information Security | University of Illinois

Spotting Phishing Attempts

Phishing attempts can be clumsy or clever, but you can learn how to spot them.


Spotting a phishing email is sometimes incredibly easy. The email may be so clumsy that it just contains misspelled words and a link that the criminal hopes you will click on blindly. 

The following tips will help you identify more carefully crafted emails that are harder to spot because they look so real. The best way to spot a phishing email is to look for clues that the person or organization sending the email is NOT who they say they are.

Legitimate email won't ask for sensitive information

Banks, stores, credit cards and the University of Illinois all recognize the danger phishing poses. Because of this, these institutions make it a practice never to ask for sensitive information to be sent by email.

Any emails asking you to "update an account" or reset a password by including sensitive information in an email should be deleted.

The University of Illinois will never ask you to send your password over email.

Look at the actual email address the message was sent from

Many phishing attempts rely on the fact that most people do not take the time to check the actual address an email came from. But checking the email address can be the easiest and most effective way to spot a phishing scam.

An email displays the address the email is sent from. Scammers get around this in one of two ways: they either alter the display name and leave their address, or spoof the sender entirely. 

Your bank will never send you email correspondence from a Hotmail account, for example. So an email that was sent from is very likely a phishing attempt.

Generic greetings can indicate phishing attempts

Most major companies that correspond through email (eBay, PayPal, Amazon, etc.) have learned to start legitimate emails by greeting you with your name or some kind of identifying information.

Not every email with a generic greeting, such as “Dear User,” is a phishing attempt. But a generic greeting is a great first sign that the email may be fraudulent.

If an email is not addressed specifically to you, but it's asking for specific information about you, check for other tell-tale signs.

Hover over links

Sometimes a phishing email will ask you to click on a link to provide information, to update an account, or to take you to a particular web page. Sometimes, the link in the email looks correct and legitimate. However, just like it is easy to fake the name of who sent an email, it is easy to make a link look like it's taking you to a safe web site, when really, it's taking you somewhere dangerous.

Most modern email programs and web browsers (for those checking email through webmail) have a feature built-in that allows you to hover over a link to see where it's really going to take you.

Simply move your cursor over the link, without clicking on the link, and wait a few seconds. Your email application or your browser will show you where that link will actually take you.

If you don't recognize the web site that a link will actually take you to, simply delete the phishing email.

Recognize emails that come from an organization or company you're not affiliated with

If you do not have an account with Wells Fargo, but you receive an email from Wells Fargo asking you to update your account details, it is a safe bet to characterize this email as a phishing attempt. These are usually the easiest phishing attempts for people to spot.

Photo by Jeff Attaway