What’s phishing you ask? This is when you receive a bogus email that is designed to look like something legitimate with the intention of you clicking on a link which will take you to the “bad guy’s” web site or download something malicious.
These phishing attempts are designed to look like they come from Apple, Google, Dropbox, banks, and other well known organizations. They often tell you that they need to verify your account information or that your password needs to be reset. By clicking on the links provided in those emails, you’re not taken to the real web sites they pretend to be. Instead, you’re taken to fake web sites (designed to look like the real ones) that ask you to login with your username and password. Don’t do it as you’ll be giving the bad guys your login information for the real web site.
So, how good are you at sniffing out a phishing scam? Things to look at are the return email address and the links you would go to if you were to click the links provided in the email. Very often, the grammar is poor or just not right. To identify if it’s real or fake, hover over the From email address and the links (without clicking) and your email program will reveal the real web page it will go to. For example, if it says to “Verify Password” for iCloud but hovering over the link shows it will go to “icloud.appleverify.com”, you’ll know it’s bogus as Apple’s website is “apple.com”, not “apple verify.com”. Don't fall for it.
If you’re on an iPhone or iPad, you won't be able to hover, of course, as you don’t have a mouse. Instead, tap and hold on the link long enough for a popup to appear to show you the real link under the button. Letting go will not take you to that link so you’ll be OK.
To see how you’ll do at identifying the phishing emails from legitimate sites, take the Phishing Quiz at phishingquiz.withgoogle.com. I suggest you use a fake name and email address in the quiz.