Is This Real? How to Spot Phishing Emails…

September 2, 2013

You’ve just received an email saying that your account is about to be shut down unless you act, now. How do you know if you should? Below are some quick tips for identifying whether the email you’ve received is real, or just another clever fake.

Tip #1: Check the “from” email account

Often the “from” name will reflect the college or ITS, but the email account used will not match the sender and/or will not be from an snc.edu account at all, like in the example below.

phishing-from

Tip #2: Look carefully at the links

The links in phishing emails will not go to an snc.edu location. Generally this is pretty obvious, like in the example below. Sometimes, however, the link might look like it’s from snc.edu, but hovering over it with your cursor will show a different destination. If the two don’t match and the destination URL is not in the snc.edu domain, DON’T click it!

phishing-link

Tip #3: Never give out a password, ever

We will NEVER ask for your password in an email. EVER. Anything that asks for a password in the email itself can automatically be dismissed as a fake.

phishing-content

Tip #4: Review the email content, closely

Phishing emails are often written to sound official, but frequently are just confusing. Look at the language closely. Is the language and tone consistent with other ITS communications? Note the copyright in the email example above (we never do that), and the confusing sentence structure and use of the word “university” in the sample below. The sample below also is addressed to “St. Norbert College member”, a term which we never use, and presumably comes from “St. Norbert College credit card security”, a department that does not exist here.

phishing-language

Still not sure if you’ve received a real or fake email?

Here are some additional things you can do to avoid getting “phished”:

  • Instead of clicking on any links in an email, open a web browser and go to the SNC and/or ITS website directly to complete the requested task, like resetting your password. This way you know you’re doing it on an approved site.
  • Visit the ITS Twitter account, Facebook page, or website and see if we’ve posted anything about the email. Chances are, if we’re working on something that warrants an immediate action — like a system upgrade or security breach — we’ll post something on these sites.
  • Contact the ITS Service Desk (ext. 4040, servicedesk@snc.edu) and ask if the email is legitimate. We’re here to help, and it’s better to be safe than sorry!

If you determine a message is fake, be sure to mark it “spam” in your SNC Google email account. This will help train the email system to properly handle emails like it in the future.¬†Finally, if you do accidentally click on a link or respond to a phishing email, reset your password and notify the ITS Service Desk immediately for assistance.

Category: Tech Tips