What is Phishing?

"Phishing is a cybercrime in which a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking, and credit card details, and passwords. The information is then used to access important accounts and can result in identity theft and financial loss." www.phishing.org

How to Detect Common Phishing Attacks

In the following example, the email sender is unrecognized:

The email is trying to create a sense of urgency to inspire action. Wanting you to do something now. Additionally, the email has improper grammar and extraneous requirements for passwords.

An example of a phishing email

The following is an example of the unsecured fake website vs the secured site:

A fake website that has no logo and spelled username as two words

How to Protect Yourself

Check the Sender's Email Address

Hover over the sender name to see additional details. Make sure the name and email are legit and the sender is someone you recognize.

Info that displays when hovering over the email sender's name

Be Cautious of Links Contained in Emails—Think Before You Click!

Hover over the links in an email to see what website address each is pointing to. Do they point to the website they're supposed to? A phishing email may claim to be from a legit site but the links in the email lead elsewhere.

When in doubt, go directly to the website by typing the website address in your browser's address bar rather than clicking a link in the email you received.

Be Wary of Email Attachments

Only open attachments that come from known senders. Attackers want you to open their email attachments—this is one way they try to install malware on your computer. If the attachment wants you to enable macros or content it is likely trying to install something on your computer. Never click/enable macros or content from unknown sources.

What Should I Do if I Receive a Suspicious Email?

Send any suspicious emails to phishtank@fitchburgstate.edu.

Test Your Awareness

Try out Google's test to see how well you know phishing.