How can you tell if a message is phishing?
- A tone that’s urgent or makes you scared
Ex: “Click this link immediately or your account will be closed.” - Sender email address doesn’t match the company it’s coming from
Ex: Amazon.com vs. Amaz0n.com - Unexpected communications such as an email or attachment you weren’t expecting
- Requests to send personal info
Ex: Legitimate organizations don’t ask for personal information through email or an unexpected call - Misspelled words, bad grammar and odd URLs
Be aware that AI will make spotting these more challenging – stay diligent.
What should you do if you spot a phish?
DO
- Verify that the communication is real and contact the sender directly through known phone numbers or emails.
- Report it to your IT department or email/phone provider.
- Use email filters. Many email services have filters that can help prevent phishing messages from ever reaching your employees’ mailboxes.
- DELETE IT.
Don’t
- Don’t click any links you don’t trust, even “unsubscribe” (just delete).
- Don’t click any attachments you were not expecting or recognize.
The Division of Banks (DOB) is the chartering authority and primary regulator for financial service providers in Massachusetts. DOB’s primary mission is to ensure a sound, competitive, and accessible financial services environment throughout the Commonwealth.
