Cyber criminals generally use two methods to get your personal information. The first is getting you to reply to the phishing e-mail with your personal information. The other method is to get you to go from an e-mail to a Web site and enter your information.

Legitimate organizations, like Ball State, would never request this information of you via e-mail.

Here are some characteristics to look for when on a phishing Web site.

1. Poor resolution. Phishing Web sites are often poor in quality, since they are created with urgency and have a short lifespan. If the resolution on a logo or in text strikes you as poor, be suspicious.

2. Forged URL. Even if a link has a name you recognize somewhere in it, it doesn't mean it links to the real organization. 
    a.  Read URLs from right to left — the real domain is at the end of the URL. 
    b.  Web sites where it is safe to enter personal information begin with "https" — the "s" stands for secure. If you don't see "https" do not proceed. 
    c.  Look out for URLs that begin with an IP address, like  These are likely phishes.

To test your skill at recognizing phishing Web address visit Phishing Phil.