How to identify phishing or scam emails

Document created by shaw-fraser on Jun 25, 2012Last modified by shaw-jody on Feb 13, 2019
Version 81Show Document
  • View in full screen mode

Learn how to identify fraudulent or phishing emails. Phishing emails are typically sent to obtain personal and private financial information. They ask for confidential information such as your account username, account number, and email password.


If you think you've received a phishing or scam email, see How to Report Spam and Adjust the Webmail Spam Filter for additional information on reporting it.

This article will provide insight into:


What is phishing?

In recent years, phishing scams have become more frequent, more sophisticated and more difficult to detect. Phishing is a technique that uses fraudulent websites and falsified emails to trick you into providing personal information—such as login credentials and credit card information. Perpetrators can gain this information by:


  • Sending you links to websites that appear trustworthy and steal your information when you fill out the login field
  • Persuading you to reply to the email with personal information
  • Adding a trigger to the email that will download malicious software to obtain data, encrypt your files for ransom money, or other malicious practices

Related: Internet Security FAQs

Back to top


How to identify a phishing scam

To help you detect more sophisticated phishing attempts, below are a few tips on how to best protect yourself from malicious  attacks.

  • Be cautious of emails that:
    • come from an unknown sender and ask you to provide personal information
    • apply emotional pressure to persuade you into providing personal information
    • require that you take action on a matter that you don’t recognize and/or don’t expect
    • use poor spelling and/or poor grammar
    • appear to come from a reputable business; however, the sender’s email address is not a corporate address

  • Report emails asking for personal information, especially sensitive information such as login credentials, government issued ID numbers or any financial information. Shaw and other legitimate institutions will never request credentials, credit card information or other sensitive information via email.

  • Verify that the link provided in the email links to a legitimate website by hovering your mouse over the hyperlink. If the URL displayed looks suspicious, or if you are unsure, forward the email as an attachment to the company it claims to come from for investigation.

  • Double-check the sender. Emails from Shaw will end in,,, or

  • There are times when Shaw may ask you to fill out a form, such as a DocuSign form, as part of the customer service process. These forms will always be sent to you by a trusted Shaw source, who you should already be familiar with as part of the customer service process. If you receive such an email and are not familiar with the sender, contact us to confirm its legitimacy before opening any links or attachments.


Back to top


What to do if you believe your personal information is at risk

If you feel that your Shaw account or banking information may be at risk after opening or responding to a phishing email:


  1. Change your username and password for any account that may have been compromised
  2. Contact Shaw to report an incident related to your Shaw account
  3. Inform your bank if you feel your banking information may have been compromised
  4. Contact local law enforcement to open an investigation if you believe you were the victim of a targeted attack

You should always be cautious of phishing scams. Below are some examples of known phishing scams we are aware of and combating:


Examples of Fraudulent messages and Phishing attempts
 Payment declined example Update Webmail exampleAccount sign-in example
Account change exampleMailbox security exampleMailbox is almost full example
Update Billing InformationBilling information update exampleActivate Shaw ID example
Billing information update phishing message

Activate Shaw ID Phishing Email


Note: All links in the email are legitimate except the "Activate Now" button.

spam email update billing credit card debitscam email shaw payment was declined march 2018

Your account is on hold email scam phishing

payment failure update billing informationunable to process payment updating billing information


*Click each image to enlarge

Back to top



Related Articles




Still have questions? Chat with us on social media.

It's fast, easy and convenient, and it's totally a new way to connect with us.

Facebook Messenger       Twitter Help