How To Detect a Phishing Email
Identifying Red Flags
As phishing messages targeting the UMBC community continue to be observed, you may find yourself as the recipient of a suspicious email and asking the question, “Is this a scam?”. Avoiding interaction and reporting an email when suspicious are highly recommended, but being able to identify a phishing scam outright through the presence of simple red flags is a useful skill that can allow you to better protect yourself and others. As these basic symptoms add up, the more likely an email is dubious. Caution is always advised.
1. Strange or Unexpected Sender
2. Urgency or Scare Tactics
Phrases like "Immediate Action Required", "Your account will be suspended", or "Confirm now to avoid penalty" are red flags. Scammers want to panic you into clicking without thinking, ignoring potentially suspicious elements of an email.
3. Unusual Links or Attachments
Hover (don’t click!) over any link to see where it actually leads, be wary of irregular addresses. Attachments from unknown senders, especially `.zip`, `.exe`, or `.html` files, can be dangerous.
4. Poor Grammar or Awkward Language
Legitimate communications are usually well-written. Typos, strange phrasing, or bizarre greetings like "Dear User" can signal a scam.
5. Requests for Sensitive Info
No real university department will ever ask you to email or submit your passwords and personal information into online forms. Never give out any personal information, of any kind, in response to a sudden email.
An urgent, seemingly official email can be scary and confusing. But if you pause and take a closer look, some of these red flags can be easily spotted, and you can avoid getting hooked.
Any suspicious email can be reported by forwarding it to security@umbc.edu
Be diligent, be safe, and protect your personal information at all costs.
Posted: July 24, 2025, 10:59 AM
