Cybersecurity Awareness: Seven Phishing Red Flags

Here are some phishing red flags to be on the lookout for with every email you receive. Be sure to ask yourself these questions:

1. From: Do you recognize the sender’s email address as someone you ordinarily communicate with? Is the email from someone outside Houston Methodist and not related to your job responsibilities? (All outside emails are labeled as [EXTERNAL] in the subject line and have a top banner.) Is the sender’s email address from a suspicious domain (something other than .com, .org or .edu)? Is this an unexpected or unusual email with an embedded hyperlink or an attachment from someone you haven’t communicated with recently?
2. To: Were you cc’d on an email sent to one or more people, but you don’t personally know the other people included in the message? Did you receive an email that was also sent to an unusual mix of people; for example, a seemingly random group of people at HM whose last names start with the same letter or a whole list of unrelated addresses?
3. Date: Did you receive an email that you normally would get during regular business hours, but it was sent at an unusual time, like 3 a.m.?
4. Subject: Did you receive an email with a subject line that’s irrelevant or doesn’t match the content? Is the email message a reply to something you never sent or requested?
5. Content: Is the sender asking you to click on a link or open an attachment to avoid a negative consequence or to gain something of value? Does the email have bad grammar or spelling errors?
6. Attachments: Did the sender include an email attachment you weren’t expecting or that doesn’t make sense? Does the attachment have a possibly dangerous file type? The only file type that is always safe to click on is a .TXT file.
7. Hyperlinks: Before you click a hyperlink, always hover your mouse over it — if the link to the address is for a different website, that’s a big red flag. Did you receive an email that only has long hyperlinks with no further information, and the rest of the message is completely blank? Does the hyperlink have a misspelling of a known website? For example, bankofarnerica, where the “m” is really two characters — “r” and “n.”