Since the PhishAlarm feature was introduced earlier this year, more than 6,000 potential threats have been reported. This number is only expected to rise as generative AI is making it easier than ever for hackers to automate their scams and make their attempts look less suspicious. 

The more you know about what phishing emails have in common, the easier it will be to spot them. Here are some tips to help you evaluate a suspicious email: 

• Does it contain an offer that’s too good to be true?  
• Does it include language that’s urgent, alarming, or threatening?  
• Is it poorly crafted writing riddled with misspellings and bad grammar? 
• Is the greeting ambiguous or very generic?  
• Does it include requests to send personal information? 
• Does it stress an urgency to click on an unfamiliar hyperlinks or attachment? 
• Is it a strange or abrupt business request? 

• Does the sender’s e-mail address match the company it’s coming from? Look for little misspellings like pavpal.com or anazon.com.

-National Cybersecurity Alliance, Phishing

Learn how to report phishing at Cornell, and how to report phishing at home.

Phishing attempts are made on Cornell staff, faculty, and students on a daily basis. As members of the Cornell community in a digital world, it’s everyone’s responsibility to learn how to identify and defend themselves from phishing.