Phishing is when cybercriminals attempt to trick individuals into revealing sensitive information or performing actions that compromise their security, typically through fraudulent emails, text messages, or websites that appear to be legitimate but aren’t.

These include attempts to spend money unnecessarily (e.g., a request to buy gift cards as incentives) or to divulge personal information about yourself (e.g., by sharing your phone number). 

Please be advised:

• Solace will never ask you for money, gift cards, or anything else.
• If you receive a phishing communication (you aren't 100% sure it's from who it says it's from), please do not click any links, attachments, or engage with it in any way. Instead, reach out to that individual or brand directly to confirm if they sent this to you. 

How to spot phishing attempts:

When in doubt, it's always best to err on the side of caution. Never open attachments, click links, or engage with the sender if you aren't 100% confident of their identity.

Here are a few tells that can help distinguish a phishing email from a legitimate one:

• The contact is unsolicited
  • You didn't ask for and have no reason to expect the offer or incentive they've sent you.
• The email sender domain is unfamiliar or odd. 
  • Observe who is listed in the “From” field to verify that the email address of the sender is from who it says it's from. Note: This detail alone cannot confirm legitimacy.
  • For example: If the message suggests it's from your bank, Wells Fargo, but the email address it was sent from is something like 14957384495959@somethingstrange.org, it is not from your bank. Contact them directly instead.
• It is requesting sensitive information
  • Legitimate sources will not ask you to provide personal or sensitive information through text or email.
  • Unexpected callers requesting this information? Do not engage. Hang up and contact the brand or person directly that they are claiming to be.
• Attachment formatting
  • Watch out for .zip, .exe, and .scr file types. If clicked, these can be attempts at installing malware.
• Hyperlinked addresses
  • The displayed name may say XYZ, but the link itself could be to something entirely different in an attempt to misdirect you to click through.
• Incorrect grammar, spelling, phrasing, typos, etc.
  • Legitimate, professional communications will be orderly and well buttoned. Texts and emails riddled with mistakes are likely not to be trusted.
• Emotional appeal
  • The message may include urgency, fear tactics, or other types of calls-to-action bait.