What is Phishing?

Phishing persuades you to take action which gives a scammer access to your device, accounts, or personal information. By pretending to be a person or organization you trust, they can more easily infect you with malware or steal sensitive data.

Successful phishing messages are difficult to distinguish from real messages. Usually, they are represented as being from a well-known company, even including corporate logos and other collected identifying data. However, there are several clues that can indicate a message is a phishing attempt. 

Some tell-tale signs of a phishing email include:

• The message uses subdomains, misspelled URLs (typosquatting), or otherwise suspicious URLs.
• The recipient uses a Gmail or other public email address rather than a corporate email address.
• The message is written to invoke fear or a sense of urgency.
• The message includes a request to verify personal information, such as financial details or a password.
• The message is poorly written and has spelling and grammatical errors.

Phishing scams can also employ phone calls, text messages, and social media tools to trick victims into providing sensitive information.

If you receive one of these emails, this is what we should do:

• Verify the sender by checking their email address by hovering above the subject 
• Check the link, before you click. Make sure the links start with https:// and not http://
• Be careful when providing personal information. Never provide your credentials to third parties.
• Do not rush or panic reacts.  Scammers use this in order to pressure you into clicking links or opening attachments.
• If you gave sensitive information, don’t panic — reset your credentials on sites you've used them. 
• Immediately report all phishing emails to itsupport@capestart.com