How to identify phishing emails

Document created by shaw-fraser on Jun 25, 2012Last modified by shaw-alex on Nov 10, 2017
Version 64Show Document
  • View in full screen mode

Learn how to identify fraudulent or phishing emails. Phishing emails are typically sent to obtain personal and private financial information. They ask for confidential information such as your account username, account number, and email password.
 

This article will provide insight into:

 

What is phishing?

In recent years, phishing scams have become more frequent, more sophisticated and more difficult to detect. Phishing is a technique that uses fraudulent websites and falsified emails to trick you into providing personal information—such as login credentials and credit card information. Perpetrators can gain this information by:

 

  • Sending you links to websites that appear trustworthy and steal your information when you fill out the login field
  • Persuading you to reply to the email with personal information
  • Adding a trigger to the email that will download malicious software to obtain data, encrypt your files for ransom money, or other malicious practices

Back to top

 

How to identify a phishing scam

To help you detect more sophisticated phishing attempts, below are a few tips on how to best protect yourself from malicious online attacks.

  • Be cautious of emails that:
    • come from an unknown sender and ask you to provide personal information
    • apply emotional pressure to persuade you into providing personal information
    • require that you take action on a matter that you don’t recognize and/or don’t expect
    • use poor spelling and/or poor grammar
    • appear to come from a reputable business; however, the sender’s email address is not a corporate address

  • Report emails asking for personal information, especially sensitive information such as login credentials, government issued ID numbers or any financial information. Shaw and other legitimate institutions will never request credentials, credit card information or other sensitive information via email.

  • Verify that the link provided in the email links to a legitimate website by hovering your mouse over the hyperlink. If the URL displayed looks suspicious, or if you are unsure, forward the email as an attachment to the company it claims to come from for investigation.

  • Double-check the sender. Emails from Shaw will end in @shaw.ca, @marketing.shaw.ca, @shaw.sjrb.ca, @sjrb.ca or @shawdirect.ca.

  • There are times when Shaw may ask you to fill out a form, such as a DocuSign form, as part of the customer service process. These forms will always be sent to you by a trusted Shaw source, who you should already be familiar with as part of the customer service process. If you receive such an email and are not familiar with the sender, contact us to confirm its legitimacy before opening any links or attachments.

 

Back to top

 

What to do if you believe your personal information is at risk

If you feel that your Shaw account or banking information may be at risk after opening or responding to a phishing email:

 

  1. Change your username and password for any account that may have been compromised
  2. Contact Shaw to report an incident related to your Shaw account
  3. Inform your bank if you feel your banking information may have been compromised
  4. Contact local law enforcement to open an investigation if you believe you were the victim of a targeted attack


You should always be cautious of phishing scams. Below are some examples of known phishing scams we are aware of and combating:

 

Examples of Fraudulent messages and Phishing attempts
 Payment declined example Update Webmail exampleAccount sign-in example
ExampleExampleExample
Account change exampleMailbox security exampleMailbox is almost full example
ExampleExampleExample

*Click each image to enlarge

Back to top

 

 

Related Articles

 

 

Attachments

    Outcomes