Departments and Courses

What is Phishing?

Phishing occurs when someone attempts to use electronic communication such as email to fraudulently acquire confidential information such as your password by pretending to be a trusted person or part of a trusted group.

How does phishing work?

Phishing is a form of social engineering, the art of manipulating people into sharing confidential information or performing a desired action. Phishing attacks are commonly transmitted via email and social network sites like Facebook and Twitter.

How will they encourage me to share my information?

Phishers typically present a plausible scenario and often take advantage of the recipient’s fear, greed or lust. They also often present a sense of urgency. Examples include messages that:

  • Tell you that your account was misused by you and will be disabled
  • Tell you that your account was compromised and will be disabled
  • Tell you that your Mailbox has reached its limit and will be disabled

What might the phisher ask for?

  • Your password
  • Account number, card number, PIN, access code
  • Personally identifiable information like your date of birth, Social Security number or address
  • Confidential information like student records, financial records or technical information

Signs of a potential phishing attack

If the communication you receive exhibits any of the following, it may be a phishing attack.

  • You are asked for confidential information
  • You are asked to visit a web page with a suspicious or unexpected address
  • You do not recognize the sender or the sender does not normally contact you
  • You recognize the sender, but the sender’s email address, alias or name spelling are unusual
  • You’re told something negative will occur if you don’t supply the requested information
  • The writing style is unusual

How to protect yourself

  • Ask yourself whether you should be sharing the information requested
  • If the supposed sender is someone or an organization known to you, contact them to discuss the request
  • Use a browser that alerts you when you attempt to visit known phishing websites
  • Before you click a link, inspect it
  • If unsure of a link’s authenticity, use a link you know or find the link via a search engine

More Articles ...