What is phishing?
Phishing is a cyber-crime where individuals are contacted via email by someone posing as a legitimate business or institution. These emails may contain links to fake institution websites whose look and feel is identical to the legitimate one. Some of these fake websites are so well done that it’s almost impossible to tell them apart unless you look at the URL.
How to detect a phishing email?
You can identify phishing email attempts through a few common methods including:
- Match the sender's name to email address:
If the emails do not contain your name, you should be suspicious. Generally, these emails will address users as “Dear Customer” instead of using proper and valid names.
- Hover over weblinks before you click:
When phishers send you a link to your bank’s homepage and you click on the link, you will be sent to a different phishing website which looks very much like the official website. On the site, you will be provided with spaces to enter personal information like credit card numbers, SSN, PIN, password, date of birth, and so on. Once you submit the information, the phishers gain access to this personal information which can be used to conduct online transactions, or even to submit loan applications in your name.
- Read the email carefully before clicking:
Phishing scams often include lucrative offers and eye-catching or attention-grabbing statements in the emails. Don't be fooled by these bogus claims and take the time to read the email carefully before clicking on links or providing information.
- Watch for urgent emails:
A favourite phishing tactic is to ask you to act fast because the super deals are only for a limited time. Some of them will even tell you that you have only a few minutes to respond.
What else can I do?
If you receive a phishing email please forward the phishing email to firstname.lastname@example.org or use the Report a Phish button located in the top-right corner of the email, if available. Once received we will use this information to block the sender and the phishing link on campus to prevent others from accidentally following the link.
ICT has also created a location to store all reported phishing attempts for students, faculty, and staff to view the latest and most common phishing emails making the rounds.
Current Phishing Attempts at the U of S