Cyber criminals generally use two methods to get your personal information. The first is getting you to reply to the phishing e-mail with your personal information. The other method is to get you to go from an e-mail to a Web site and enter your information.
Legitimate organizations, like Ball State, would never request this information of you via e-mail.
Here are some characteristics to look for when on a phishing Web site.
1. Poor resolution. Phishing Web sites are often poor in quality, since they are created with urgency and have a short lifespan. If the resolution on a logo or in text strikes you as poor, be suspicious.
2. Forged URL. Even if a link has a name you recognize somewhere in it, it doesn't mean it links to the real organization.
a. Read URLs from right to left — the real domain is at the end of the URL.
b. Web sites where it is safe to enter personal information begin with "https" — the "s" stands for secure. If you don't see "https" do not proceed.
c. Look out for URLs that begin with an IP address, like http://22.214.171.124/creditunion/update. These are likely phishes.
To test your skill at recognizing phishing Web address visit Phishing Phil.