Protect Yourself From Becoming a Phishing Victim
“Phishing” refers to an attempt to steal sensitive information, typically in the form of usernames, passwords, credit card numbers, bank account information, or other important data, in order to utilize or sell the stolen information. By masquerading as a reputable source with an enticing request, an attacker lures in the victim in order to trick them, similarly to how a fisherman uses bait to catch a fish.
- Treat with suspicion any email that you didn't expect to receive.
- Legitimate subject lines are usually detailed and specific. A generic subject line can be a key indicator of a phishing scam.
- Look for unprofessional spelling and grammar errors.
- Unnecessary urgency is suspect. Use your intuition, and if something "feels" wrong, call the sender's organization to validate the email.
- If it seems too good to be true, it probably is.
- Hover over links to see if the web address is legitimate and relates to the email's content.
- Check for odd phrases and word choices based on your knowledge of the sender.
- Verify any email that asks for personal information (e.g., birthday, Social Security Number, username, password) by independently looking up the sender's contact information.
- Watch for improper or unusual use of copyright information, logos, and graphics that could make the email appear official.
To report a phishing attempt in Gmail, use the red fishing hook in the column to the right of the email. This will route the email to the correct staff to address.
