1. Home
  2. Technology
  3. Email
  4. Email Safety & Security
  5. How can I spot a phishing email?
  1. Home
  2. Technology
  3. Cybersecurity
  4. How can I spot a phishing email?

How can I spot a phishing email?

Contents

Phishing e-mails try to disguise themselves by attempting to imitate a company you know or trust: a bank, a credit card company, a social networking site, an online payment website or app, or an online store. Phishing messages often tell a story to trick you into clicking a link or opening an attachment.

  • Do not respond to these e-mails, and never provide any personal information by e-mail.
  • Do not click any links and do not open any attachments you weren’t expecting to receive.
  • Do not forward these e-mails to your friends.

View examples of real spam/phishing emails sent to Brooklyn College.

Also see 4 ways to protect yourself from phishing.

Red Flags

Here are some examples from actual phishing email scams and red flags to look for:

  • Mouse over the VERIFY link, will reveal non-Brooklyn College/CUNY address.
  • Official Brooklyn College/CUNY email correspondence will always have official Brooklyn College contact information listed.
  • NO official correspondence originates from student email account (@bcmail.cuny.edu).

  • As our system clearly indicates, this email came from outside of Brooklyn College it DID NOT come from within the college.
  • Official Brooklyn College email correspondence will always have official Brooklyn College contact information listed.

  • As our system clearly indicates, this email came from outside of Brooklyn College it DID NOT come from within the college.
  • Legitimate signature is missing.

  • As our system clearly indicates, this email came from outside of Brooklyn College it DID NOT come from within the college.
  • Mouse over the GATEWAY link, will reveal non-Brooklyn College address.
  • Official Brooklyn College email correspondence will always have official Brooklyn College contact information listed.

  • As our system clearly indicates, this email came from outside of Brooklyn College it DID NOT come from within the college.
  • Despite the fact this email came from Brooklyn College, mouse over the link, will reveal non-Brooklyn College address.
  • Official Brooklyn College email correspondence will always have official Brooklyn College contact information listed.

  • As our system clearly indicates, this email came from outside of Brooklyn College it DID NOT come from within the college.

  • Despite the email showing sender as someone from Brooklyn college (irs.service@brookyn.cuny.edu) our system clearly indicates it DID NOT come from within the college.

  • Our system clearly indicates it DID NOT come from within the college.
    Scammers will often send the email from a random email account and change the Display Name of the email address to either your boss, supervisor, or director.

  • Despite the email showing sender as someone from Brooklyn college (helpdesk@brookyn.cuny.edu) our system clearly indicates it DID NOT come from within the college.


  • The FROM field states this email came from kbcc.cuny.edu (Kingsborough Community College) BUT the footer says it came from Brooklyn College ITS Help Desk.

  • The domain of the sender does not match.
  • The spelling of NYS is wrong (there shouldn’t be a lowercase s in NYs). Possibly the easiest way to recognize any fraudulent email is bad grammar.
  • Unsolicited emails that contain attachments reek of hackers. Typically, authentic institutions don’t randomly send you emails with attachments, but instead, direct you to download documents or files on their own website.

  1. Our email security system that filters all inbound and outbound email traffic flagged this email as suspicious by inserting [Suspect] in the Subject line of this email.
  2. Despite the email showing sender as someone from Brooklyn College (securities@brookyn.cuny.edu) our system clearly indicates it DID NOT come from within the college.
  3. Mouse over the FIX ERROR button, will reveal non-Brooklyn college address.

Despite the email showing the sender as someone from Brooklyn College (webmaster@brookyn.cuny.edu) our system clearly indicates it DID NOT come from within the college.

Related Articles