Lesson 1/5

Spot phishing in 60 seconds

Five signs and three checks before you click.

3 min
1. What phishing is

Phishing is a scam that tries to make you act quickly: click a link, open a file, type a password, share a code, or pay. The message may look like your bank, post office, courier, colleague, or police. The real question is not "does it look real?", but "can I verify it without using this link?". The Swiss NCSC tracks many suspicious pages because fake sites copy real services. The Italian Postal Police reminds people that banks do not ask for credentials or codes by email, phone, or SMS.

2. Five visual signs

Check for urgency, strange links, language mistakes, suspicious sender addresses, and unexpected attachments. The visible sender name is not proof: look at the real domain behind the link and at the email address after the @ sign. ZIP files, HTML files, documents with macros, or "invoice" attachments you did not expect are strong warning signs. The Italian Postal Police warns that fraud emails may look very close to real ones and advises not opening attachments unless their origin is certain.

3. Three mental checks

First: look at the domain, not the sender name. Second: do not click if you can go manually to the official site or app. Third: if the message feels urgent, become more suspicious, not less. Scams work by creating fear. The FBI advises people to find the company's number themselves and verify through official channels, not through contacts inside the suspicious message.
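As an added example that is not part of the lesson, the checks from "Five visual signs" and "Three mental checks" written as a small Python triage function: it reads the real sender domain after the @ and ignores the display name, compares a link's visible text with the domain it really points to, and flags the attachment types the lesson names. The sender, links, attachment name and the TRUSTED_DOMAINS allow-list are constructed sample data, and registrable_domain is a deliberate simplification (no public-suffix list).

```python
from email.utils import parseaddr
from urllib.parse import urlparse

# Attachment types the lesson names as strong warning signs.
RISKY_EXTENSIONS = {".zip", ".html", ".htm", ".docm", ".xlsm", ".pptm"}
# Hypothetical allow-list of the domains the real service uses (assumption, not from the lesson).
TRUSTED_DOMAINS = {"mybank.example"}

def registrable_domain(host: str) -> str:
    """Last two labels of a host, so 'login.mybank.example' and 'mybank.example' compare
    equal. A real tool would consult the public-suffix list; this is a simplification."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def sender_domain(from_header: str) -> str:
    """Domain after the @ of the real address; the display name is ignored on purpose."""
    _display_name, addr = parseaddr(from_header)
    return registrable_domain(addr.rsplit("@", 1)[1]) if "@" in addr else ""

def link_mismatch(visible_text: str, href: str) -> bool:
    """True when link text that looks like a domain or URL points somewhere else."""
    if " " in visible_text.strip() or "." not in visible_text:
        return False  # plain words like 'Click here' make no domain claim to compare
    shown = visible_text if "://" in visible_text else "https://" + visible_text
    shown_host = urlparse(shown).hostname or ""
    real_host = urlparse(href).hostname or ""
    return registrable_domain(shown_host) != registrable_domain(real_host)

def triage(from_header: str, links: list[tuple[str, str]], attachments: list[str]) -> list[str]:
    """Run the lesson's checks: real sender domain, real link domain, unexpected attachment types."""
    warnings = []
    domain = sender_domain(from_header)
    if domain not in TRUSTED_DOMAINS:
        warnings.append(f"sender domain '{domain}' is not one the service uses")
    for text, href in links:
        if link_mismatch(text, href):
            warnings.append(f"link text '{text}' actually goes to {urlparse(href).hostname}")
    for name in attachments:
        if "." in name and "." + name.rsplit(".", 1)[1].lower() in RISKY_EXTENSIONS:
            warnings.append(f"unexpected attachment type: {name}")
    return warnings

def demo() -> list[str]:
    """Constructed sample in the shape of the lesson's 'blocked card' example."""
    return triage(
        "MyBank Security <alerts@mybank-secure-login.net>",
        [("www.mybank.example", "https://mybank.example.login-verify.net/unlock"),
         ("Click here", "https://mybank.example/help")],
        ["Card_statement.zip"],
    )
```

Calling demo() returns three warnings (unknown sender domain, link text hiding another domain, ZIP attachment); a message from the genuine domain with a PDF and no disguised links returns an empty list.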

4. Real examples

Example 1: a fake "urgent fax" email. CSIRT Italia described a campaign that led victims to a fake Outlook Webmail login. Example 2: a fake blocked bank card asking for password or SMS code. Example 3: a fake courier asking for a small customs payment. In all three cases the pattern is the same: hurry, a link, and a request for private data.

Quiz 1/4

Is an email safe just because the logo looks correct?