Learn how to identify and protect yourself from email scams—especially phishing messages that pretend to be from trusted companies.

If you are a visual learner, or just looking to save time, check out the attached screenshots. They follow the sequence of the help script below:

🛡️ What Is a Phishing Email?

A phishing email is a fake message designed to trick you into clicking a link, giving up personal information, or downloading harmful software. These scams often pretend to be from companies you trust—like Microsoft, your bank, or even this site.

🚩 Real Example of a Phishing Email (With Screenshot)

Let’s break down the red flags in this real phishing email:

🔍 1. The Email Uses Your Name or Nickname

• While this makes it feel more personal, remember: scammers often use publicly available info to seem legitimate.
• Don’t assume it’s safe just because it uses your name.

📭 2. The “From” Address Looks Suspicious

• In this case, the email came from: @campriverrun.org
• That domain has no connection to Microsoft, even though the email claims to be from them.

🧠 Tip: Always hover your mouse over the sender's email to see the full domain.

💤 3. The Message Claims Your Account Is Inactive

• This message says: "Your maiIbox (you@yourinbox.com) set to discontinue due to inactive user notice
• That’s suspicious, especially if you’ve been using the account regularly.

🧪 4. Strange Strings of Letters and Numbers

• The email includes a long, confusing “ID or code”—likely meaningless (Notification-118 Request ID:SQFF6BNBT7YZPHODAQ8X1CAWDTHUMA5OP26YYOD1TF
• This is often used to look official and trick you into trusting the message.

🧵 5. Awkward Language & Grammar Mistakes

• The email used unnatural phrases like:

  • “Notice email” (instead of “notification”)
  • Missed punctuation and missing verbs
• These are classic signs of a phishing attempt, often from non-native English speakers or bots.

🎯 6. A Bold Call-to-Action: "Confirm Mailbox!"

• A big blue button telling you to click immediately is a major red flag.
• Never click buttons or links in suspicious emails. They may lead to fake login pages or install malware.

🕵️ 7. Generic, Unverifiable Signature

• Signed simply: "The Office Team"
• No contact info, no logo, no address—nothing you could use to verify the sender.

🚫 What to Do if You Receive a Phishing Email

1. Don’t click anything.
2. Don’t reply to the email.
3. Do not forward it to anyone else.

4. Report it:

   • In Outlook: Click “Report Phishing” under the “Junk” menu.
   • You can also forward it to: reportphishing@apwg.org or the real company’s phishing report address (e.g., phishing@microsoft.com).
5. Delete the email.

🧓 Especially for Seniors:

• If something feels “off,” trust your gut—and don’t rush.
• When in doubt, ask someone you trust or call the company directly using a number you know is real.
• No legitimate service will ever ask you to verify your account by clicking a random link in an email.

🔐 Stay Safe with These Quick Rules:

• Always check the email address of the sender.
• Hover (don’t click) on buttons or links to preview the destination.
• Look for bad grammar, urgency, and vague or strange requests.
• Keep your browser and antivirus software updated.