How to Avoid Phishing Attempts and Scams

Last Updated on February 23, 2023

Recognizing and avoiding phishing attempts and scams has become even more important since the shift to remote work. Phishing attempts are serious security concerns and unfortunately, foreign national students, scholars and employees are often the target of these attempts and other security risks. 

To help bring attention to this issue, Envoy Global, Global Immigration Associates and Corporate Immigration Partners are sharing more insights on phishing attempts and ways employees can keep themselves and their information safe. 

Three things to know about phishing scams, how they work and how to avoid them

What is a Phishing Attempt? 

According to Norton, a phishing attempt is when a scammer tries to obtain sensitive information from a user. These attempts often involve a scammer pretending to be a trustworthy person or service. 

Why Are There Phishing Attempts? 

Scammers hope to trick unsuspecting individuals into sharing personal information. Scammers will also try to target foreign national employees with the assumption they are not as familiar with online systems and services in the U.S.  

How Do Phishing Attempts Work?  

An example of a common phishing attempt is for a scammer to send an email to an employee pretending to be the company CEO. Email phishing tries to trick users into clicking fake links designed to collect personal information, such as password and username combinations. 

There are also phishing attempts specific to immigration. For example, scammers may contact foreign nationals via email or phone and state they are from any number of U.S. agencies, such as U.S. Citizenship and Immigration Services (USCIS), the Department of Homeland Security (DHS), Internal Revenue Service (IRS) or even the Federal Bureau of Investigation (FBI). 

Scammers may have at least one piece of personal information about their target. These scammers are typically aggressive in tone, and they use high-pressure tactics on their targets.  

How to Avoid Phishing Attempts and Scams 

Here are a few tips to help employees remain vigilant against phishing attempts and scams: 

  • If you suspect a scammer is contacting you, please reach out to your employer or your Envoy team. Do not provide any personally identifiable information until you are able to validate the source. We can help identify legitimate forms of contact.
  • Never forward suspicious emails or click on any links within an email as that could make the phishing attempt more widespread at your organization.
  • If you receive an email from a source claiming to be part of the government (USCIS, IRS, etc.), they should have a “.gov” email address. Phishing attempts often have suspicious email addresses.
  • During tax season, there is often an increase in scams and phishing attempts as individuals will pretend they are part of the IRS. While the IRS is certainly a legitimate agency, please take precaution to ensure you are receiving correspondence from the legitimate IRS. (Ex: the IRS will almost never email you or call you on the phone demanding payment, they typically correspond via certified mail).
  • Store your Social Security card securely. Always take precaution when sharing your Social Security Number (SSN) and ensure you are sharing in a secure way with a legitimate source.  

More information is available on the USCIS’s Avoid Scams webpage.

Envoy is pleased to provide you this information, which was prepared in collaboration with Sara Herbek, who is the Managing Partner at Global Immigration Associates, P.C. (, Envoy’s affiliated law firm.

Content in this publication is not intended as legal advice, nor should it be relied on as such. For additional information on the issues discussed, consult an Envoy-affiliated attorney or another qualified professional.