sercraig

phishing

Today I received an #email pretending to be from our host at work (Rackspace). It claimed that I've reached my limit and I had to click a link to address this issue, otherwise my account would be suspended.

There were obvious tells that this message was completely phony and likely a #phishing scam. Per the FTC, phishing “is when a scammer uses fraudulent emails or texts, or copycat websites to get you to share valuable personal information – such as account numbers, Social Security numbers, or your login IDs and passwords. Scammers use your information to steal your money or your identity or both.”

I knew today's email was malicious because:

  • Even though the message claimed to be from Rackspace, it was not sent from someone with a Rackspace email domain. It came from a random user from a random email domain.
  • It was not addressed to me specifically. It started “Dear User.”
  • It contained several spelling and grammatical errors.
  • The URL previewed when I hovered my mouse pointer over the “Please click here” link in the email body was a random URL, not something specific for Rackspace.
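Three of these tells (sender domain, generic greeting, link target) can be checked mechanically. The sketch below is an added example, not part of the original post; the sample message, its addresses and URLs are constructed placeholders, and `rackspace.com` as the expected brand domain is an assumption passed in as a parameter.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample message; every address, domain and URL is a placeholder.
SAMPLE = """\
From: Rackspace Support <billing@mail-notice.example>
Subject: Mailbox limit reached
Content-Type: text/html

<p>Dear User,</p>
<p>You have reached your limit. <a href="http://login.verify-acct.example/r">Please click here</a>
or your account will be suspended.</p>
"""

class LinkHosts(HTMLParser):
    """Collects the host of every <a href> target, i.e. what a hover preview shows."""
    def __init__(self):
        super().__init__()
        self.hosts = []
    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href")
        if tag == "a" and href:
            self.hosts.append((urlparse(href).hostname or "").lower())

def in_domain(host, domain):
    # Exact match or true subdomain; "rackspace.com.evil.example" must not pass.
    return host == domain or host.endswith("." + domain)

def phishing_tells(raw, brand, brand_domain):
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    sender_domain = addr.rpartition("@")[2].lower()
    body = msg.get_payload()
    tells = []
    if brand.lower() in (display + body).lower() and not in_domain(sender_domain, brand_domain):
        tells.append("sender-domain-mismatch")
    if re.search(r"\bdear\s+(user|customer|member)\b", body, re.I):
        tells.append("generic-greeting")
    parser = LinkHosts()
    parser.feed(body)
    if any(not in_domain(h, brand_domain) for h in parser.hosts):
        tells.append("link-off-domain")
    return tells

if __name__ == "__main__":
    print(phishing_tells(SAMPLE, "Rackspace", "rackspace.com"))
```

An empty result does not prove a message is legitimate: the From header can be forged, so these checks only catch the blatant cases like the one described here.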

Legitimate emails from actual companies will come directly from the companies. They will never ask for your personal information or ask you to visit a website other than the company's trusted site. The email's text will also be clear, professional-sounding, and free of spelling and grammatical errors.

While this one was blatant, some I've seen are pretty convincing. A few weeks ago I received an email from “Amazon.” I had to read it a few times and think about my recent orders; it was close to Christmas.

If you receive such a message, don't click on anything, don't reply, don't share any details. Some malicious emails may come with file attachments (word processing documents, PDFs, EXE files, etc.); don't download anything. In all cases, simply delete the email. Also, don't forward the message to support, as there's a risk the person you send it to clicks what shouldn't be clicked.