How to spot a

In real life, clicking on a suspicious email link would have loaded a virus onto your computer and given cyber criminals access to your data, passwords, and our City network.  Email phishing is THE most common way for cyber criminals to get access to your computer and steal sensitive data.  A great example of this is the “WannaCry” virus in the news this week, sent to people by phishing emails.

For an email phishing attack to work, they need to trick you into doing something (click a link, download an attachment, etc). But, there are always clues that it is a phishing email.  Here are ways to spot a phishing email:

  • The email has an urgency or fear to get you do do something immediately or something bad will happen (e.g. click here to “fix a virus on your computer”, “unblock your account”, or “win an iPhone”).  
  • The message has a generic salutation, such as “Dear Customer”.  Companies know your name if you do business with them.
  • The message requests sensitive information, such as a password, credit card number, or social security number.  NEVER gives this information over.
  • The message says it comes from an official or organization, but uses a personal email account in a domain such as, or, and may have poor grammar or spelling.
  • The message seems to be from someone you know, but it does not look right.  Get their phone number from another source and give them a call (user-friendly aliases and even “From:” addresses are easy to fake).