Phishing is a type of cyber‑attack that uses fraudulent e‑mails, messages, or websites to deceive individuals into disclosing personal information (such as passwords or card numbers).

Example: an e‑mail purporting to be from a bank that requests your password.

When you receive an e‑mail, routinely check for the following suspicious indicators.

Sender (From):

1. Verify whether the message originates from an unknown or suspicious address.
2. Examine the sender’s address for subtle manipulations or typographical errors (for example: @facebok.mn, @mazon.com, @rnongoldank.mn, @transbank.com etc.), or characters swapped to resemble a legitimate domain.

Recipient (To / CC):

1. Note whether you have been included together with many unknown recipients in the TO or CC fields, which may indicate a bulk or fraudulent message.

Subject Line:

1. Be cautious of subject lines that are alarmist, unusually attention‑grabbing, or that appear to be replies to messages you did not send.
2. A subject line that does not correspond to the e‑mail’s content is suspicious.

Message Body:

1. Promises of prizes, rewards, or lottery winnings that seem too good to be true.
2. Messages that create urgency or fear and demand immediate verification of information (e.g., “Your account has been hacked,” “Your access will be suspended”).
3. Attempts to persuade you to click links or open attachments.
4. Requests that pressure you to act within a short timeframe.

Links (URLs):

• Hover your cursor over any link to preview the actual destination before clicking. A link that appears as www.amazon.com may instead redirect to www.xyzabc.net, a suspicious IP address (e.g., 160.154.156.*), or another fraudulent URL.

• Be wary of emails that contain links with no visible anchor text or only a bare URL.

• Pay attention to subtle domain variations intended to deceive (for example: transbank.com, transbankmn.mn, trans-bank.mn); do not assume similarity implies legitimacy.