Cyber criminals generally use two methods to get your personal information. The first is getting you to reply to the phishing e-mail with your personal information. The other method is to get you to go from an e-mail to a Web site and enter your information.

Legitimate organizations, like Ball State, would never request this information of you via e-mail.

Here are some characteristics to look for when on a phishing Web site.

1. Poor resolution. Phishing Web sites are often poor in quality, since they are created with urgency and have a short lifespan. If the resolution on a logo or in text strikes you as poor, be suspicious.

2. Forged URL. Even if a link has a name you recognize somewhere in it, it doesn't mean it links to the real organization. 
    a.  Read URLs from right to left — the real domain is at the end of the URL. 
    b.  Web sites where it is safe to enter personal information begin with "https" — the "s" stands for secure. If you don't see "https" do not proceed. 
    c.  Look out for URLs that begin with an IP address, like http://12.34.56.65/creditunion/update.  These are likely phishes.

To test your skill at recognizing phishing Web address visit Phishing Phil.