skip to main content
Menu
Information Technology

Phishing

Phishing LogoPhishing is a form of social engineering. Phishing scams appear to originate from a trusted source to trick a user into entering valid credentials or attempt to lure you into revealing your username, password, and other personal identifying information (PII), or clicking on a malicious attachment.

Attackers can use this information to:

  • Steal money from victims (modify direct deposit information, drain bank accounts)
  • Perform identity theft (run up charges on credit cards, open new accounts)
  • Send spam from compromised email accounts
  • Use your credentials to access other campus systems, attack other systems, steal University data, and jeopardize the mission of the campus

How Do I Report Phishing Emails?

  1. If you receive a Phishing Email:
  2. After reporting to [email protected], If you are using the Gmail interface, you can report phishing directly to Google:
    1. Sign in to Gmail.
    2. Open the message you'd like to report.
    3. Click the triple-dot icon next to Reply, at the top-right of the message pane.
    4. Select Report phishing.
  3. Delete emails and messages that ask you to confirm or provide personal information.
  4. Do not reply, click on the links, or provide any sensitive information / user credentials.

 

How Do I Spot Phishing Scams?

Be suspicious of all requests. Ask, "Is this real?" Use the following checklist to check for common signs of phishing messages:

  1. Message indicates urgent action is needed
  2. Message indicates negative consequences will occur if action is not taken
  3. Message is not expected
  4. Message sender is not known or a forged (spoofed) account
  5. Message cannot be read without opening an attachment
  6. Message requests sensitive information be sent
  7. Message directs users to "click here"
  8. Message uses poor grammar and/or spelling
  9. Sender from: name does not match message signature
  10. Sender email address does not match organization name
  11. Sender email address is not the same as the real address
  12. Sender name is not listed in the campus directory

 

Anatomy of a Phishing Email

Most phishing scams have a number of common components. Here are examples of phishing scams that might hit your inbox.

Phishing Email Sample - WHO Internship

Sample Phishing WHO Internship

 

Phishing Email Sample - UNICEF Internship

Sample Phishing Email UNICEF Internship

 

Phishing Email Sample - Financial ScamSample Phishing Financial Scam

 

Phishing Email Sample - Spoofed Contact

Sample Phishing Spoofed Contact

 

Getting Support

If you believe that your system or account has been compromised, please Report an Incident to [email protected]