Reviewed 2026-07-15

How to recognize phishing

Phishing uses urgency, emotion, and impersonation to push a recipient into acting before checking the source.

Pause before acting. Do not use links, phone numbers, or apps provided by a suspicious sender.

What to check first

Use the points below as a decision checklist, not as a guarantee. Criminal campaigns change quickly and may use correct names, logos, and details taken from earlier breaches.

  • unexpected urgency
  • a request to sign in through a link
  • a request for a code or payment
  • a similar but non-identical domain

A safer sequence of actions

  1. Stop the current interaction. Do not click again, reply, pay, or install software.
  2. Open the official service independently by typing a known address or using an installed app.
  3. If credentials, payment data, or device access were exposed, start the incident plan immediately.
  4. Preserve evidence and use the official reporting channel in your country.
Reserved advertising area — never placed beside emergency controls or results.

What this guide cannot determine

No checklist can prove that a message, website, caller, or device is safe. When money, identity, or account access is at risk, verify through an independent official channel and seek qualified help when needed.

Sources and review date