Tip:
Highlight text to annotate it
X
Often while checking your email, you may come across messages that appear to be from people
or organizations that you know and recognize; including friends, your bank, or favorite store.
The emails may make an urgent appeal for your immediate action; then persuade you to provide
private information, such as your bank account or Social Security number, or perform a task
such as downloading an attachment or clicking a link.
You follow the instructions, and before you know it, a criminal has seduced you into giving them your personal information, or downloading
and infecting your computer with a virus. These are classic examples of phishing,
a malicious attack cyber criminals carry out against millions of people every day.
In the war against these criminals, you are your own best defense. By learning how to spot a
phishing attempt, you will be best equipped to defeat them. Here are some tips on...
How To Spot A Phishing Attempt
1. Check email addresses
Do the TO: or CC: bars contain addresses of people you do not recognize?
Is the address from a Gmail or Hotmail account?
This could be an immediate warning sign that the sender is not who they claim to be.
2. Generic Salutations
If this message is from your personal bank or credit card, would they address you as “Dear Customer” instead of your real name?
This should set off more warning bells.
3. Poor Grammar/Spelling
A professional and competent organization should never send out a message to its customers without proper proofreading.
Be suspicious!
4. Request for immediate response
Phishing attempts will often create a sense of urgency to trick you into making decisions without thinking.
If you see something like this, stop, and think before responding.
5. Requests for private information
Legitimate organizations will never ask for your personal information in an email. This should be another red flag.
6. Unrecognized links or attachments
Never click on a link or attachment you do not expect or recognize. To check a link’s source, hover your mouse over the link and its source
should appear. If the source doesn’t match what’s in the email, the message could be a fake.
7. You just won A NEW CAR!
If it sounds too good to be true - it’s probably a phishing attempt.
8. Emails from acquaintances
Even if you get a message from a friend or acquaintance, it doesn’t mean they sent it.
Hackers can compromise your colleagues’ accounts and use them to send you messages. If you receive a suspicious email from a friend,
call them on the phone to confirm that it is legitimate.
You can also contact the ITS Help Desk if you suspect the authenticity of a message.
Please report all phish to abuse@uidaho.edu.
When possible, please include the message headers or send the message as an attachment.
If you have provided your credentials to a linked webpage, please change your password immediately, and contact the ITS Help Desk at
helpdesk@uidaho.edu.
More information about phishing is available at: http://www.uidaho.edu/its/security/phish