Don't take the bait - Identify and report phishing emails

“Phishing” is the term used to describe when a scam artist sends an official-looking email to try to get the recipient to reveal person information such as user names, passwords, account numbers, or other personally identifiable information. The email encourages the recipient to respond to the email or click a link provided in the message and “login” to a site such as a bank account, agency, or store. Here are some tips to help you identify malicious phishing emails:

  • Grammar and tone: Most malicious emails contain poor grammar, punctuation or spelling. If you receive an unexpected email that contains poor grammar and tone, carefully look for other signs of phishing before responding.
  • Check the addresses: If the sender email address is different than the "reply to" address, this is unusual.
  • Logos: Many phishing emails contain fuzzy or fake company logos.
  • Lack of signature: Phishing emails may not contain email signatures or any contact information such as telephone numbers.
  • Links or attachments: If you were not expecting an attachment or link and you do not know the sender, do not open it. If you aren’t sure, call the sender to verify they sent the message.
  • Urgency: Be careful of unexpected email messages that portray a sense of urgency such as “you must act now,” or “urgent!” Attackers often use this technique to confuse the recipient.

If you receive a suspicious email, do not respond, click links or open attachments. Immediately forward the message to the UofSC Information Security Office at

Share this Story! Let friends in your social network know what you are reading about