April 1, 2019

April Fools Phishing

April Fools' Day is all fun and games until it comes to your cybersecurity! Beware of phishing scams and don't let an online jester fool you into revealing your sensitive information.

Contrary to what the word "Phishing" alludes to, it does not involve a day out on the lake and catching a 12-pound bass. It does, however, refer to a specific type of social engineering attack where a hacker falsely identifies themselves as a legit enterprise in an attempt to steal private information. 

Follow these five signs to help spot a phishing scam and avoid getting played: 

1. Unofficial Sent "From" Address

Double check the sent "from" email address to ensure authenticity. Scammers often sign up for free email accounts that mimic a company's official email address. Examples include wellsfargo@gmail.com, joe@paypal25.com and officialtamuaggies@gmail.com. If you're still unsure, refer to previous emails you have received from the legit company. 

2. Generic Greeting

Real companies know their customers by name! Pay attention to identifiers like "Dear Customer", "Dear Client" or "Dear Member." If there was a legitimate problem with your account, the company would address you personally. 

3. Grammatical Errors 

Legit companies know how to spell. Keep your eyes open for misspelled words, random capitalizations and phrases that do not make sense. This is one of the easiest ways to spot scam emails! 

4. Urgent Action Required

Scammers prey on time-sensitive situations to trick people into reacting immediately. Be wary of emails that contain phrases like "urgent action required" and "your account will be terminated."

5. Fake Website Links 

Double check any website links BEFORE you click. Malicious websites can look almost identical to a legit site, but use a slight variation in spelling or a different domain (.net vs .com). Hover over the link in the text (without clicking!) to check where the link is actually sending you. If the link in the text isn't identical to the URL displayed, it is not authentic! Similarly, if the URL seems off and doesn't match the content of the email, trust your gut and don't click it.

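Pro Tip: To ensure your security, hover your mouse over the link to check that the URL begins with https://. The "s" in https stands for secure! It means the connection to the site is encrypted, not that the site itself is genuine, so still confirm that the domain name is the company's own.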
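Signs 1, 2, 4 and 5 can also be checked automatically, for example in a mail filter or a training exercise. The Python below is an added example, not part of the original article. The function names, the sign labels, the constructed sample message and the assumption of a single-part HTML email are all illustrative.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

PHRASES = {  # wording quoted in signs 2 and 4 of the article
    "generic-greeting": re.compile(r"\bdear\s+(customer|client|member)\b", re.I),
    "urgent-action": re.compile(r"urgent action required|your account will be terminated", re.I)}

class Links(HTMLParser):
    """Collect [href, visible text] for every <a> element in the body."""
    def __init__(self):
        super().__init__()
        self.links, self.open = [], False
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.links.append([dict(attrs).get("href") or "", ""])
            self.open = True
    def handle_data(self, data):
        if self.open:
            self.links[-1][1] += data
    def handle_endtag(self, tag):
        self.open = self.open and tag != "a"

def host(url):  # lower-cased hostname of a URL, with or without a scheme
    return (urlparse(url if "://" in url else "//" + url).hostname or "").lower()
def under(h, domain):  # True for the official domain or one of its subdomains
    return h == domain or h.endswith("." + domain)

def phishing_signs(raw, official_domain):
    """Return labels for the article's signs found in a single-part HTML email."""
    msg = message_from_string(raw)
    body, links = msg.get_payload(), Links()
    links.feed(body)
    sender = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    signs = [] if under(sender, official_domain) else ["from-address"]  # sign 1
    signs += [name for name, rx in PHRASES.items() if rx.search(body)]  # signs 2, 4
    for href, text in links.links:  # sign 5: hover target vs. what the text shows
        shown = host(text.strip()) if re.fullmatch(r"\S+\.\S+", text.strip()) else ""
        if not under(host(href), official_domain) or (shown and shown != host(href)):
            signs.append("fake-link")
            break
    return signs

SAMPLE = (  # constructed message reusing the article's paypal25.com example
    "From: PayPal <joe@paypal25.com>\nContent-Type: text/html\n\n"
    "<p>Dear Customer, your account will be terminated.</p>\n"
    '<a href="https://paypal25.com/login">https://www.paypal.com/login</a>\n')
```

Calling phishing_signs(SAMPLE, "paypal.com") reports all four signs. Sign 3 (grammatical errors) is left to the reader, since it needs a spell checker rather than a simple rule.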

Most importantly, remember legitimate companies will never ask you to provide sensitive information (e.g., Social Security numbers or passwords) via email. If you still question the authenticity of an email, call the company or visit its trusted website to contact them directly about your problem.