# Recognising and Analysing Suspicious Messages (User Guidance)

Your awareness is a key part of the security chain. Knowing how to spot a fraudulent message can protect you and your customers. Here are common signs of phishing (email) and smishing (SMS).

### **General Principles of Verification:**

* **Be Skeptical:** Always treat unsolicited messages that ask for action or information with caution.
* **Don't Rush:** Attackers often create a false sense of urgency. Take a moment to think before you click.
* **Verify the Sender:** If a message claims to be from a known company, try to verify it through an official channel (e.g., by visiting their website directly, not by using links in the message).

### **Common Signs of Smishing (SMS Phishing):**

* **Urgent Alerts:** Messages about a supposed package delivery issue, a problem with an account, or a prize you've won.
* **Suspicious Links:** Often use generic URL shorteners (like bit.ly) to hide the true destination. 

{% hint style="success" %}
**Note:** Links generated within the MessageFlow platform use our own safe shortener, **ide.do**, and can be trusted.
{% endhint %}

* **Requests for Personal Information:** Legitimate companies will rarely ask for your password, credit card number, or other sensitive data via SMS.
* **Impersonation:** Pretending to be a government agency, a bank, or a well-known delivery company.