Browse By Category

Skip to end of metadata
Go to start of metadata

About Phishing

Phishing is defined by Google as follows:

"the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers."

In a nutshell, phishing is the practice of pretending to be something or someone that one is not in order to trick users out of sensitive account information for malicious purposes.

Identifying phishing emails:

  1. Verify the sender
    1. If you verify who the email in question is from, you can generally spot a phishing e-mail before ever reading the content.
      1. If the e-mail sender is unfamiliar, DO NOT click or open any links or attachments contained in the message body; if you have clicked the link or entered any sensitive information, please contact your IT department for help.
    2. Some users do use their personal email accounts to conduct their business activities; while this is not a recommended practice, be mindful that it does occur. Keep in mind:
      1. Most users identify their personal emails for work with their full name or known name.
      2. Even if a familiar user has sent the unusual email, never follow a link that you are not certain about, not even from a colleague as email accounts of all types may be hacked or spoofed.
    3. In the case of spoofing or hacking, if you have received a suspicious message from a colleague, particularly their work account, please alert IT immediately so that we may contact the user and proceed to help secure their account.
  2. Verify the content of the suspected email
    1. You should never be asked to provide sensitive account information, such as passwords or log-in information, via email by UNCSA or any other credible institution.
      1. If the email is asking you to view sensitive documents or to provide sensitive information, please DO NOT download any files or click any links.
    2. You should never be coerced via email to update your account information in any way via an unknown link.
      1. If the message holds an uneasy sense of urgency or feels threatening in tone, it is most likely a malicious email.
      2. If urgent emails are to be sent out to the campus, there would be an official announcement made beforehand to alert you; if there is no such announcement, be wary of clicking any links in the message content.
    3. Check for grammar errors and spelling mistakes. Phishing emails tend to have these errors in both large or short messages.
    4. Hovering the cursor over a link (DO NOT CLICK) provides the actual address of where that link shall send you. If it is not anything related to UNCSA or its associates, report the link right away.
  3. Ask.
    1. If you are unable to ascertain the validity of a strange email yourself, please forward it to someone who can assist you. The IT Help Desk is always happy to answer your concerns.


Other Helpful Tips:

  • NEVER click links in unfamiliar e-mails; hover your cursor over the link to verify the link's path.
  • Avoid clicking or downloading attachments such as .zip files as these file types are the easiest to use for computer infections.

Related Articles

Page viewed times