Skip to main content

Types of Phishing: Tips to Prevent, Spot, Report Scam Emails

Two white envelope email icons caught on a yellow fish hooks and the text What is phishing.

October is National Cybersecurity Awareness Month, reminding us that it's important to protect our personal information online. One way to do that is to recognize and avoid falling victim to phishing scams.

What is Phishing and How Does It Work?

Josh Gomez and the text Josh GomezPhishing is a tactic scammers use to impersonate legitimate companies and attempt to grab your sensitive information such as passwords, credit card details, other banking and payment information, usernames, money, and more. Think of how fishermen use bait to catch fish — your personal information is the fish in this scenario, the scammer is the fisherman, and the bait is the fraudulent email they send you. The email might ask you to click on a link and update your information, for example.

Types of Phishing

There are different types of phishing emails to be on the lookout for. However, according to Josh Gomez, information security analyst at Southern New Hampshire University’s (SNHU) Information Security Management Office, the three main categories of phishing that are known in the industry include:

  1. Clone Phishing – Replica emails of legitimate messages to trick its target into sharing personal information
  2. Business Email Compromise (BEC) – Targeted to specific employees in finance or accounts payable departments who are authorized to initiate money transfers
  3. Whaling – Phishing that targets an organization’s C-suite executives

How to Spot A Phishing Email

Robin Sullivan and the text Robin SullivanAt first glance, it can be easy to miss a phishing attempt. Before responding to an email or clicking any of its links, be aware of these red flags provided by Robin Sullivan, program manager at SNHU's Information Security Management Office:

  • You’re asked to confirm personal information
  • The web and email address don’t look genuine
  • The email is poorly written
  • There are misspellings, spoof display names
  • Tries to instill a sense of urgency

How to Prevent Phishing

Phishing scams can be costly to businesses and individuals. “Compromised information as a result of phishing can cause significant damage to a person or an organization. It can lead to identity theft, financial loss, loss of access to email, and loss of personal identifiable information,” Sullivan said. So, it’s important to know how to prevent falling prey to a phishing attempt. Sullivan offers these tips:

  • Use strong, unique passwords for each of your online identities. Never re-use the same password for multiple online identities. Choose different letters, numbers, and symbols, and don't use anything common that can be researched publicly about you.
  • Never click links in an email. If you receive a notification, for example, from your bank, log in directly to the bank’s website instead of using the link in your email.
  • Never share personal or financial information in an email.
  • Always be suspicious of unsolicited emails and phone calls.
  • If it sounds “too good to be true,” it probably is.
  • Use anti-virus, email filtering and firewalls to reduce phishing traffic.

“But no matter how many controls are put in place to protect our environment, the best defense will continue to be user awareness and vigilance,” Sullivan said. “As technology changes, scams become more sophisticated and complex, and we will always have these threats to some degree.”

How To Report Scam Emails

If you feel you’ve received a phishing attempt, be sure to report the scam to help prevent it from happening to others. Gomez suggests these resources:

SPAM vs. Phishing

SPAM is when someone sends an email to several users at once or is trying to sell something by pushing their product on users as a usually unsuccessful attempt at marketing. Think of it as annoying junk mail, where the sender isn’t purposely trying to steal your information as compared to phishing.

See how savvy you are by taking Google’s Phishing Quiz to learn how you can better identify phishing emails and protect yourself from potential cyber threats.

Michelle Shreeve ’15, ’16 is a freelance writer and the author of “Parental Death: The Ultimate Teen Guide.” Connect with her on LinkedIn.

Explore more content like this article

An aeronautical engineer working on a computer in a lab.

What is Aeronautical Engineering?

If you’ve ever dreamed of designing the next generation supersonic airplane or watching the biggest jet engine soar, you may have considered a career in aeronautical engineering. Here are some fundamental questions to help you decide if the field is right for you.
Two engineers discussing what engineering is

What is Engineering?

Engineering is a rewarding profession with dozens of subtypes, allowing you to truly customize your career. The foundation of all types of engineering is the use of math, science and art to solve problems, while building, improving or modifying structures or systems.
A group of students sitting in a row working on laptops

AWS Jam at SNHU: Experiential Learning for STEM Students

In early April, SNHU offered STEM students an experiential learning opportunity to help advance their skills and connect with the SNHU community. SNHU, AWS and Red River Charitable Foundation hosted an AWS Jam session for the inaugural Red River Charitable Foundation Cloud Cup.

About Southern New Hampshire University

Two students walking in front of Monadnock Hall

SNHU is a nonprofit, accredited university with a mission to make high-quality education more accessible and affordable for everyone.

Founded in 1932, and online since 1995, we’ve helped countless students reach their goals with flexible, career-focused programs. Our 300-acre campus in Manchester, NH is home to over 3,000 students, and we serve over 135,000 students online. Visit our about SNHU page to learn more about our mission, accreditations, leadership team, national recognitions and awards.