Phishing Awareness

How to spot a phishing e-mail

What is phishing?

Phishing generally involves a fraudulent e-mail you may receive appearing to come from a legitimate sender (e.g. the university, your bank, Apple, etc.). These messages direct you to click on a link that is usually embedded in the e-mail, and when clicking the link, you are directed to a web page that is prompting you to logon using your credentials. These e-mails are a form of social engineering that are designed to trick you into handing over your credentials so that the attacker can gain access to your bank account, sensitive emails, etc.

What is spear-phishing?

Spear phishing is a specific type of phishing e-mail targeted at specific individuals or organizations. Attackers go to great lengths to to make the e-mail appear legitimate. To make the e-mails as believable as possible, the attacker may address you by your first name, and may use screen scrapes of actual web sites so that you believe you are actually logging on to your account. 

How to spot a phishing e-mail

Phish

To report phishing emails to the Information Security Team:

  • Select the email and click on the Proofpoint for Outlook "Report Phish" Button

Phish Alarm Button

  • OR - Select the "Report Suspicious" link in the bright yellow banner at the top of the email

Report Suspicious Banner

  • In Outlook for the web, open the email and select the blue Proofpoint logo to submit the phish:

webmail logo