Alvaro Gonzalez Cyber security expert for BAT writes
Phishing is a cybercrime that seeks to steal and/or access confidential information. Criminals pose as large companies, clients, co-workers, family members, among others, to convince you or create the urgency to voluntarily hand over your information and/or download or access malicious content. These attacks play with the absent-mindedness and the personification of an entity and/or person you trust, so you always have to remain alert.
Tip 1: Many of the phishing attacks are perpetrated by criminals whose English is not their first language.
Look at the spell of the message or the website.
Tip2: Think twice about the data they are asking you for; if the level of privacy of the data requested by the website is exceeded with its functionalities, it is likely a phishing attack,
Tip 3: If you suspect an email from your inbox, mark it as spam and forward it to firstname.lastname@example.org to review it. If it turns out that it is not a phishing email, you can unmark it as spam.
Tip 4: If you have shared information or have clicked and/or downloaded a file from an email that you suspect is a phishing attack, follow the following protocol:
security lead at BAT