1-Most companies will not ask for sensitive data from its customers. If in doubt, users should verify with the company itself to avoid any potential issues.
2-Most companies use a single domain for their URLs and emails, so a message that originates from a different domain is a red flag. As a general rule, users should not click links or download files even if they come from seemingly â€œtrustworthyâ€ sources.
3-Any mentions of operating systems and software that are not typically used by consumers can often be indicators of a URL obfuscating attempt. If it seems suspicious, it probably is. Users should always err on the side of caution when it comes to sending out personally identifiable information through messages and emails.