What Is Phishing and Why Does It Happen?
“What is phishing” is a question many computer users ask after getting a strange email. The name comes from the idea of “fishing” — criminals cast a large net (sending millions of emails) hoping that someone will “bite.”
Phishing emails try to trick you by:
- Pretending to be a trusted company, like Apple, Amazon, or your bank
- Using fear or urgency to push you into clicking a link
- Asking for personal details you would normally keep private
Cybercriminals want:
- Money
- Passwords
- Access to accounts
- Your identity information
Even thoughtful people can fall for phishing because the messages look professional and familiar.
How Phishing Emails Try to Trick You
Phishing attacks are successful because they play with emotions:
| Trick | Why It Works |
|---|---|
| Fear — “Your account will be locked!” | Makes you feel pressured and less careful |
| Urgency — “Do this now!” | Stops you from thinking before clicking |
| Reward — “You earned a gift card!” | Makes you excited and willing to click |
| Authority — “This is your boss…” | You assume it must be real |
If a message tries to rush you, that alone is a warning sign.
Step 1: Look Closely at the Sender’s Email Address
Cybercriminals often change a few letters to make an email look real.
Examples:
- Real: [email protected]
- Fake: [email protected]
- Uses a believable word but the domain is different.
- Real: [email protected]
- Fake: [email protected]
- Adds a suffix that sounds legit but isn’t the official domain.
- Real: [email protected]
- Fake: [email protected]
- A homoglyph substitution (zero for o) — visually similar but different.
- Real: [email protected]
- Fake: [email protected]
- Has a different ending (called a Top-Level Domain, or TLD) and added words that make it seem legitimate.
- Real: [email protected]
- Fake: [email protected]
- Character swap/homoglyph attack to trick readers.
Step 2: Watch for Grammar and Spelling Problems
Real companies have editors and proofreading. Criminals do not.
Warning signs:
- Strange sentence order
- Incorrect company names
- Generic greetings like “Dear Customer” instead of your name
If the writing feels clumsy or robotic → stay cautious.
Step 3: Hover Over the Link Before You Click
Never click right away — hover your mouse over the link first.
Apple Mail will show the real website address, and it must match the company:
| Looks Like | Real? |
|---|---|
| https://www.apple.com | ✅ |
| http://apple.com-login-support-info.ru | ❌ |
If the address is confusing, long, or has extra words → don’t trust it.
Step 4: Never Open Unexpected Attachments
Attackers hide malware in attachments.
If you weren’t expecting a file — delete the message.
Step 5: Think Twice and Stop Rushing
Before clicking anything, ask:
- Does this message make sense?
- Am I expecting an email like this?
- Could I confirm this another way?
Slow thinking = safer browsing.
Table of “Real vs. Fake” Email Examples
Practice spotting the clues:
| Email Address | Message says | Link preview | Real or Fake? | What’s wrong? |
|---|---|---|---|---|
| [email protected] | “Your receipt from Apple” | apple.com | ✅ Real | Normal, expected message |
| [email protected] | “Package delivery update” | canadapost.ca/track | ⚠️ Maybe | Check if you are expecting a package first |
| [email protected] (capital i instead of L) | “Apple ID locked!” | verify-appleid.com | ❌ Fake | Scary language + fake domain |
| [email protected] | “Payment issue!” | amaz0n-help.net | ❌ Fake | Misspelled brand, non-official website |
| [email protected] | “Buy gift cards for me” | shortened bit.ly link | ❌ Fake | Criminals impersonate coworkers |
If something looks strange in any column, treat it as FAKE.
Helpful Security Tools in Apple Mail
Your Mac includes features to help keep you safe:
| Tool | What It Does | Why It Helps |
|---|---|---|
| Link preview | Shows the real destination of a link | Helps you catch fake websites |
| Junk Mail Filter | Moves dangerous emails automatically | Reduces accidents |
| “Block Sender” | Stops repeat spam | Less future phishing |
| Fraud warnings in Mail | Alerts you to unusual messages | Extra safety check |
What to Do If You Think It’s Phishing
Here’s your action plan:
- Do not click anything
- Do not reply
- Delete the message
- Report Apple ID scams:
➜ Copy this into Safari: support.apple.com/report-phishing - If you accidentally clicked:
➜ Immediately change your passwords
No need to panic — quick action helps a lot.
Smart Habits to Keep You Safe
Make these rules part of everyday Mac use:
STOP — LOOK — THINK
Check the sender
Hover over the link
Ask: “Does this make sense?”
If you have any doubt → back out.
Final Thoughts
You now understand what phishing is, why cybercriminals use it, and how to protect yourself using simple tools already built into your Mac. By watching the sender’s address, hovering over links, and slowing down before you click, you can stop most phishing attacks before they cause any harm.
The more you practice these skills, the easier and faster it becomes to spot a fake email. Staying calm, thinking carefully, and trusting your instincts will help keep your Apple ID, your Mac, and your personal information safe.
If you live in the London, Ontario area and want help staying safe online — or you’d like someone to check your Mac for phishing or security risks — click the button on this page for expert local support.You don’t have to handle online threats alone — help is right here when you need it.