What is phishing and how can you report it?
What is phishing?
Email scams (known as phishing) are a common method cyber criminals use to trick you into visiting a fraudulent website, opening an infected document, or responding to or forwarding an email message in order to gain access to your accounts or your information. Higher education institutions are popular targets for these scams due to their large size, open networks, and diverse populations.
These emails, websites, documents, or login pages may be obviously fraudulent, or may look exactly like the University's login page or other legitimate documents. And although “scam styles” are constantly evolving, here are some helpful hints when trying to identify a message as a scam or phishing attempt:
- Phishing (scam) emails may appear to come from anyone, including “UMN Edu Team,” “Service,” “HelpDesk,” “Customer Service,” or even a colleague, professor, or friend.
- The email may include threats or dire consequences if you don't act quickly.
- The content might include poor spelling, grammar, or formatting that looks unprofessional or suspect (or, it might look completely legitimate).
- It could include a link to a login page that may or may not look like the University's login page. The link could be shortened by services like tinyURL, or the page could look like Google or Dropbox.
- The message may ask you to open a shared document you may or may not be expecting.
An important thing to remember is that the University of Minnesota will never ask you to provide your username and password via email. Never give your passwords and other sensitive information to an unverified party online, over the phone, or in person. Although the University rarely sees scams asking outright for your password any more, they still exist. The most common and more sophisticated attack is the fake login page that may look legitimate. Remember that if you are already logged in to email, you should not be asked to log in again.
What to do if you receive a phishy-looking message?
The University of Minnesota takes phishing very seriously. Did you know there is a specific email address to report phishing attempts? It’s [email protected]. The University Information Security team receives these messages, responds accordingly, and also routinely tracks and reports on recent phishing attempts to hit the University on their phishing blog. This is a great resource to check if you think you have received a phishing email to your University account.
From your reports of phishing, which may be the first they have seen of it, University Information Security will quarantine further email from the sender, block fake login pages, follow up with affected recipients, and/or notify the University community of potentially widespread or harmful scams.
If you think you have received a phishing message to your University account, take these 3 quick and easy steps:
1. Do not engage with the message (such as replying, opening attachments, or clicking on links).
2. Forward the email in its entirety to [email protected].
3. Mark the message as spam in Gmail (this will help block this type of message from being delivered to other people at the University and help educate Google’s spam filters), and delete it.
- Contact [email protected] with any questions.
- If you responded to a scam email or clicked on a link, immediately change your University Internet password and account secrets. Be prepared to set a 16-character passphrase or password and opt in to Duo Security when you change your password.
- Visit identitytheft.gov to learn about immediate protective actions you can take to protect your identity more widely.
Here are a few examples of previous phishing attempts sent to University faculty, students, and staff:
- Example 1: A phishing email with a well-crafted fake login page.
- Example 2: A phishing email with a different fake login page.
- Example 3: A phishing email with a “shared a document” focus.
There are also many more examples of actual phishing messages on the University Information Security Phishing Blog.