Detecting and Recognizing a Phishing Email

Phishing

Using email or social engineering (including social networking sites) to trick you into providing personal financial information, such as credit card numbers, or to gain access to passwords, account names, or email addresses.

If you think you have received an email that is a "phish", the tips below can keep you from taking the bait and getting hooked.

Receiving the Email

  1. Know the online companies you deal with.  When a suspicious email arrives in your inbox from a company you have no relationship with, THINK: it is at best spam and at worst fraud, and it is not for you.  Delete it!

  2. Look carefully at the subject line.  Example: Chase Bank will never send you an email headed "_ChaseBank_account_update ACT-NOW".  Such messages may slip through your spam filters because they appear to come from a reputable source, but that appearance does not mean the message is really from Chase Bank.

Looking at the Email

  1. Understand how the companies you deal with want to interact with you.  For example, banks usually want you to access your account through their website - not an email link.  "Phishing" emails stand out because they don't follow the rules.

  2. Practice safe browsing. Open a new browser window each time you log on to a website that displays personal information.  When you are done, log out and close that browser window.

  3. Be sure to thoroughly read emails that claim to be from companies you know.  Watch for spelling and grammatical errors.  A genuine email may contain an occasional error, but several errors in one message is suspicious.

  4. Hover your mouse cursor over email addresses and links to verify them.  Most email clients show the actual destination of a link when you hover over it, and that destination can differ from the text you see.  If the email says PayPal but the link goes to "www.paipall.com", be careful.  URLs can be disguised, so don't take a suspect link at face value; you can also search for the company's real web address and compare.

  5. Never enter your personal or credit information into a form in an email.  If you feel the email is legitimate, visit their website and log in or call the company directly to provide the requested information.  Don't click on the link!

  6. Most "phishing" emails are not personalized, while legitimate providers usually address you by name.  Unless your name really is "eBay User" or "Friends", treat a "Dear Customer" email with suspicion.

Stay on Guard

  1. Read your bank statements - every one, every month to ensure your charges and debits are correct.  Stay vigilant and report any suspicious activity immediately.

  2. Use and maintain your email protection software for spam blocking, fraud blocking, and anti-virus.

Reporting

  1. If you receive a phishing message that Gmail's detection system doesn't catch, click the down arrow next to Reply at the top-right of the message pane, and select Report Phishing to send a copy of the message to the Gmail Team.

  2. You may also forward a copy to the IT Service Desk, csupport@weber.edu.

If you are still uncertain if it is a phishing email, here are some additional steps you can take:

  1. Check whether the email was authenticated by the sending domain. Open the message and click the 'show details' icon below the sender's name. Make sure the domain shown next to the 'mailed-by' (SPF) and 'signed-by' (DKIM) lines matches the domain of the sender's email address. A message whose From: address says one domain but was mailed by and signed by an unrelated domain is a red flag.

  2. Make sure the URL domain of the page you land on is correct, and check that images and links on it lead to proper pages within the site. For example, the Gmail URL is https://mail.google.com/; prefer that https form over http://mail.google.com/. A link can contain the text 'gmail.com' and still send you to another site, for example when 'gmail.com' is only part of a longer host name or appears in the path, so check the domain actually shown in the address bar after the page loads.

  3. Always look for the closed lock icon in your browser's address bar (older browsers showed it in the status bar at the bottom of the window) whenever you enter any private information, including your password. The lock only means the connection is encrypted; a phishing site can have one too, so check the domain next to it as well.

  4. Check the message headers. The 'From:' field is easily forged to show a false sender name, so look at the Received: and authentication headers, which your email client can display through its 'show original' or 'view headers' option.

  5. If you're still uncertain, contact the organization from which the message appears to be sent. Don't use the reply address in the message, since it can be forged. Instead, visit the official website of the company in question, and find a different contact address.

  6. If Gmail's system flags a message as phishing, but you've validated the source from which the message originated, click the down arrow next to Reply at the top-right of the message pane, and select Report Not Phishing to let Google know the message is legitimate.

  7. For more information on how to handle unwanted or suspicious email, visit http://support.google.com/mail/topic/1669056?hl=en&ref_topic=1668978.
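The sender-authentication check (item 1) and the link-target check (items 2 and 4) above can be automated. The following Python script is an added example written for this page, not Weber State or Google code: it parses a raw message, compares the From: domain with the domains that passed SPF and DKIM according to the Authentication-Results header, and lists links whose visible text names one site while the href leads to another. The sample message, the lookalike hosts, and the two-label "registrable domain" shortcut are constructed assumptions for the example.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample (not real mail): From: claims paypal.com, but SPF/DKIM were
# passed by an unrelated domain, and both links point somewhere other than the
# host named in their visible text.
PHISH = """\
From: "PayPal" <service@paypal.com>
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.google.com; dkim=pass header.i=@mailer.example.net; spf=pass smtp.mailfrom=mailer.example.net
Subject: _PayPal_account_update ACT-NOW
Content-Type: text/html

<p>Dear Customer, verify now: <a href="http://www.paipall.com/login">https://www.paypal.com/</a>
or sign in at <a href="http://mail.google.com.verify-account.example/">mail.google.com</a></p>
"""

# Link text that itself looks like a host name or URL (assumption for this example).
HOSTLIKE = re.compile(r"(?:https?://)?([A-Za-z0-9.-]+\.[A-Za-z]{2,})(?:/\S*)?")

def domain_of(addr):
    """Lower-case domain part of an address header value, or '' if none."""
    return parseaddr(addr)[1].rpartition("@")[2].lower()

def registrable(host):
    """Crude registrable-domain guess: the last two labels. A real tool would
    consult the public suffix list (for cases such as example.co.uk)."""
    return ".".join(host.lower().strip(".").split(".")[-2:])

def authenticated_domains(msg):
    """Domains that passed DKIM or SPF according to Authentication-Results."""
    found = set()
    for ar in msg.get_all("Authentication-Results", []):
        for m in re.finditer(r"dkim=pass\b[^;]*?header\.(?:d|i)=@?([\w.-]+)", ar):
            found.add(m.group(1).lower())
        for m in re.finditer(r"spf=pass\b[^;]*?smtp\.mailfrom=(?:[^@\s;]+@)?([\w.-]+)", ar):
            found.add(m.group(1).lower())
    return found

def sender_alignment(msg):
    """(From: domain, authenticated domains, whether they agree)."""
    from_dom = domain_of(msg.get("From", ""))
    auth = authenticated_domains(msg)
    return from_dom, auth, any(registrable(d) == registrable(from_dom) for d in auth)

class _Links(HTMLParser):
    """Collect (href, visible text) pairs from <a> tags."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href", ""), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def suspicious_links(html):
    """Links whose visible text names one site while the href goes to another."""
    parser = _Links()
    parser.feed(html)
    flagged = []
    for href, text in parser.links:
        m = HOSTLIKE.fullmatch(text)
        if not m:
            continue  # text like 'our website' names no host; nothing to compare
        target = urlsplit(href).hostname or ""
        if registrable(m.group(1)) != registrable(target):
            flagged.append((text, target))
    return flagged

def html_body(msg):
    """First text/html part, decoded to str ('' if the message has none)."""
    for part in (msg.walk() if msg.is_multipart() else [msg]):
        if part.get_content_type() == "text/html":
            charset = part.get_content_charset() or "utf-8"
            return part.get_payload(decode=True).decode(charset, "replace")
    return ""

def analyze(raw):
    """Run both checks on a raw message and return the findings as a dict."""
    msg = message_from_string(raw)
    from_dom, auth, aligned = sender_alignment(msg)
    return {"from_domain": from_dom, "authenticated": sorted(auth), "aligned": aligned,
            "suspicious_links": suspicious_links(html_body(msg))}

if __name__ == "__main__":
    print(analyze(PHISH))
```

For the constructed message the script reports that the From: domain (paypal.com) is not among the domains that passed SPF/DKIM (mailer.example.net), and flags both links: the "paypal.com" text leads to www.paipall.com, and the "mail.google.com" text leads to a host that merely begins with those labels. Paste the output of your mail client's "show original" view into the script to run the same checks on a real message; the Authentication-Results header is only trustworthy when it was added by your own receiving server, so an attacker can forge it in the message body but not in the copy your server prepends.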

What if you responded?

  1. If you entered your WSU account or personal information in response to a spoof or phishing message, take action quickly. Change the password on that account, and on any other account where you reused it, from a computer you trust. Send a copy of the message header and the entire text of the message to the Federal Trade Commission at spam@uce.gov.  If you entered credit card or bank account numbers, contact your financial institution. If you think you may be the victim of identity theft, contact your local police.

New phishing events can be viewed here: http://weberstateitsnews.blogspot.com/p/information-security-office.html
 


Weber State University, Ogden, Utah 84408