Information Security
- Cyber Awareness - COVID-19
- Remote Access Security
- Zoom Protection
- Email Protection
- Phishing
- Password Protection
- Social Media Protection
- Public Wi-Fi
- Malware
- Physical Security
- International Travel
Phishing
Phishing is a form of social engineering. Phishing scams appear to originate from
a trusted source to trick a user into entering valid credentials or attempt to lure
you into revealing your username, password, and other personal identifying information
(PII), or clicking on a malicious attachment.
Attackers can use this information to:
- Steal money from victims (modify direct deposit information, drain bank accounts)
- Perform identity theft (run up charges on credit cards, open new accounts)
- Send spam from compromised email accounts
- Use your credentials to access other campus systems, attack other systems, steal University data, and jeopardize the mission of the campus
How Do I Report Phishing Emails?
- If you receive a Phishing Email:
- Please forward the message to [email protected]
- After reporting to [email protected], If you are using the Gmail interface, you can report phishing directly to Google:
- Sign in to Gmail.
- Open the message you'd like to report.
- Click the triple-dot icon next to Reply, at the top-right of the message pane.
- Select Report phishing.
- Delete emails and messages that ask you to confirm or provide personal information.
- Do not reply, click on the links, or provide any sensitive information / user credentials.
How Do I Spot Phishing Scams?
Be suspicious of all requests. Ask, "Is this real?" Use the following checklist to check for common signs of phishing messages:
- Message indicates urgent action is needed
- Message indicates negative consequences will occur if action is not taken
- Message is not expected
- Message sender is not known or a forged (spoofed) account
- Message cannot be read without opening an attachment
- Message requests sensitive information be sent
- Message directs users to "click here"
- Message uses poor grammar and/or spelling
- Sender from: name does not match message signature
- Sender email address does not match organization name
- Sender email address is not the same as the real address
- Sender name is not listed in the campus directory
Anatomy of a Phishing Email
Most phishing scams have a number of common components. Here are examples of phishing scams that might hit your inbox.
Phishing Email Sample - WHO Internship
Phishing Email Sample - UNICEF Internship
Phishing Email Sample - Financial Scam
Phishing Email Sample - Spoofed Contact
Getting Support
If you believe that your system or account has been compromised, please Report an Incident to [email protected]