
Teaching Moment

How to Spot a Phishing Scam

Phishing is a common type of scam that can occur by email, text message, or phone call. The message looks like it’s coming from a legitimate source — maybe an insurance provider, bank, or the IRS — and asks you to download a file or click on a link and provide your login credentials. If you share login information, the scammer can use it to access your account. Because of this, it’s important to carefully review any email that appears to come from a company you have an account with. Here are some red flags to look out for:

  • Does the message create a sense of urgency? Does it state you need to reply now or your account will be locked until you respond? This is a common tactic in phishing scams to make you act without thinking.
  • Check the email address of the sender. Does it look legitimate? Are there spelling mistakes (e.g., missing or additional letters), or does it have a lot of extraneous letters?
  • If there’s a link in the message, don’t click on it! Hover over it on a computer to see the full URL. If you do want to check your account, open a new tab, enter the company’s URL yourself, and log in there.
  • Don’t download any attachments in a suspicious email. They could contain malware that compromises your device.
  • When in doubt, call the company at a number listed on an official website and ask about the message.
  • Check out the Federal Trade Commission’s website for more tips on how to recognize and avoid phishing scams.