We've all been there; an email comes across our inbox that just doesn't seem quite right. Many times it may be an oddly specific request, or a ridiculously unbelievable story (does a rich foreign beneficiary asking for you bank account information to deposit his recently-inherited funds into your account, ring a bell?). Let's be honest, we wouldn't do that for our own Mothers without first double checking, right?
Well the best "phishermen" know it's time to change up the bait. The latest trend has been "going big", with hackers/phishers sending out spam made to look like a message from a multinational company, like Apple, Facebook, or Google. Not to belabor the point, but you've got a better chance of getting struck by lightning than a multinational tech company randomly reaching out to you about a specifically personal piece of information. A great rule of thumb is knowing ahead of time, that no legitimately company is going to ask you to send your personal login information of any kind over email, text, or the phone. In fact, these companies are constantly looking for ways to strengthen the security of their login portals. With all the effort going in to fortifying the login process, it wouldn't make sense to bypass all of those measures and directly ask you to give your sensitive information via a non-secured method like e-mail.
If you're still unsure about the legitimacy of the correspondence, whether email, text, phone, etc., take a second to do your homework. Look up the company's posted contact information on their website and compare to what you've received. Never, under any circumstance, click a link that might get sent to you in the message. If you're still unsure, just send their support a quick message asking about the legitimacy of the message you've received and see what they say. Heck, we'll consult you on it if you need us to!
The best rule of thumb is just to use your common sense above all else. If it seems a little too weird to be legitimate, unfortunately the chances are it probably isn't.