Email Scams: Recognizing them
Over time, phishing attempts have become more sophisticated with increased quality of imitating a genuine email. Be aware of these warning signs:
- The message is unsolicited and asks you to update, confirm, or reveal personal identity information (e.g., SSN, account numbers, passwords, protected health information).
- The message creates a sense of urgency.
- The message has an unusual “From” address or an unusual “Reply-To” address.
- The (malicious) website URL doesn’t match the name of the institution that it allegedly represents.
- The message is not personalized. Valid messages from banks and other legitimate sources usually refer to you by name.
- The message contains grammatical errors.
Phishing Email Dos and Don’ts:
- DO call a company that you received a suspicious email from to see if it is legitimate, but DO NOT use the phone number contained in the email. Check a recent statement from the company to get a legitimate phone number.
- DO look for a digital signature/certificate as another level of assurance that senders are legitimate. Digitally signed messages will have a special image/icon at the subject.
- DO adjust your spam filters to protect against unwanted spam.
- DO use common sense. If you have any doubts, DON’T respond. Contact the ITS Help Desk if you have any questions.
- DON’T open email that you have any suspicion may not be legitimate. If it is legitimate and the individual trying to contact you really needs to, they will try other means.
- DON’T ever send credit card or other sensitive information via email.
- DON’T click the link. Instead, phone the company or conduct an Internet search for the company’s true web address.
- DON’T open email or attachments from unknown sources. Many viruses arrive as executable files that are harmless until you start running them.
For more information visit our Spam and Phishing alerts page where you can see examples of messages being received by the campus.