Signs in email that should raise red flags:
- The sender requests your password, social security number or an account number or other personal credentials.
- The sender says you need to act immediately or your account will be cancelled or you will lose privileges.
- The sender makes spelling or grammar mistakes.
- The link or the email looks similar to a legitimate source but not quite – phishing emails sometimes try to copy the logo or other visual elements of an institution.
If sensitive information is requested, always call the requester to verify before responding. DO NOT TRY TO VERIFY THE SOURCE’S LEGITIMACY BY REPLYING TO THE EMAIL. If there is no contact information and no way to verify, delete the message!