More information found here:
Barracuda.com | Blog
Department of Homeland Security–CISA
When Internet criminals impersonate a business to trick you into giving out your personal information, it’s called phishing. Do not reply to email, text or pop-up messages that ask for your personal or financial information. Don’t click on links within them either—even if the message seems to be from an organization you trust, like Andrews University—It is not! Legitimate businesses don’t ask you to send sensitive information through insecure channels.
Malicious email typically uses urgent language, asks for passwords, bank account numbers, user names, credit card numbers or other personal information; and may have grammatical, typographical or other obvious errors.
What happens if I am scammed?
If you think you gave personal information in response to a phishing email or on a suspicious webpage, your account may be compromised.
Report Possible Phishing Scams and IT Security Incidents
If you have received an email that you believe is a potential phishing scam, it is important that you report the incident(s) as soon as possible so that work can begin to investigate and resolve them. Forward the suspected phishing email to the ITS Helpdesk at firstname.lastname@example.org. IT security incidents include but are not limited to items listed in 1:762:10 General Guidelines of the Andrews University Computers & Networks Policy.
Still Not Sure?
The following links are well-known services to check domains for reports of phishing, scams and spam email. They let you search for websites and domains that have been reported by others as being good or bad.