Phishing Messages

Phishing is an attempt to acquire sensitive account information by posing as a seemingly trustworthy entity in electronic correspondence.

Recognize Phishing Messages

If you suspect an e-mail to be a phishing attempt, consider the following:

  • Request for Personal Information - legitimate companies should never ask you to provide your username, password or bank account information by replying to an email message or clicking on a link within a message. Just don't do it!
  • Urgent/Threatening Language - phishing messages are intended to alarm and often contain threats if you don't take immediate action. "You MUST click on this link or your account will be canceled" is an example.
  • The Greeting - Look at the message greeting. Some fake messages use general greetings like "Dear Webmail User," "Attention Citibank Customer," "Paypal Member," or no greeting at all. While not always obvious, the greeting might provide a hint.
  • URLs Don't Match - place your mouse over the link in the message. If the URL displayed does not match the text of the link, or the business or organization mentioned -- run, it's probably fake.
  • Look at the Sender - this is more difficult because it's easy to disguise the sender's address -- but if the message is warning about your SPU webmail account, and the sender's address is from another campus or business, the message is probably fake. In recent years, scammers have obtained the sign-in details of SPU users and then used those accounts to send out more phishing emails, trying to add a sense of legitimacy to the phishing attempt. If you get an email from an SPU user that you don't know, be extra diligent in reading the contents of that email. Don't give the benefit of the doubt just because the sender is an SPU account.
  • Avoid the Obvious - phishing messages that contain misspellings, poor grammar and/or punctuation errors are dead giveaways. If you don't have a Citibank credit card, don't respond to those messages.
  • Watch for Attachments - some phishing messages include attachments that contain malicious code. Don't open email attachments that you aren't expecting.
  • Making Offers - typically a phishing email will make uncommon offers that sound too good to be true and appeal to the needs of the recipient. These are typically similar to, or follow the same flow as, the Nigerian Prince scam.
  • Splash Page That Looks Like SPU's - more advanced phishing emails will actually build out a website that tries to steal your sign-in details. They do this by creating a website that looks similar or identical to the SPU home page, but has a different URL. The user signs in thinking it is the SPU sign-in; the site saves the sign-in credentials and then redirects the user to the real SPU sign-in page. If you accidentally submitted your credentials to one of these websites, contact the CIS HelpDesk immediately.

Remember, SPU will NEVER ask for your password.

Manage Phishing Messages

  • If you receive what you believe to be a phishing e-mail, and you have not clicked on any attachments or links, or shared any information in the email, you may delete the e-mail.
  • If you believe an account to be compromised as a result of phishing, immediately change the account password and monitor the account for any suspicious activity.
  • If you believe something to be a phishing e-mail, you may always report it to the CIS HelpDesk for confirmation and/or remediation en masse by CIS Staff.

Phishing Examples

  • Example 1: Storage alerts
  • Example 2: System upgrade
  • Example 3: Direct Deposit/Personal Financial Information
  • Example 4: Job/Internship Offer

Presentation on a Recent Phishing Attempt:

https://spu.atlassian.net/wiki/download/attachments/36571106/A-Lesson-on-Phishing-20180118.pdf