Phishing & Suspicious Email
What is Phishing?
Phishing is an online attempt to gain sensitive information (login info, credit card details, money, etc.) by pretending to be a trustworthy entity.
Spear Phishing is phishing that is targeted toward a specific individual or organization. Criminals are targeting you and other members of the SRU community with phishing schemes to trick you into revealing your personal information and SRU password. They are hoping to gain access to your personal and financial information, as well as sensitive university information and access to SRU resources.
Learn to Spot Phishing attempts
Malicious emails typically:
- Use urgent language and may ask you to validate, verify or update your account.
- Ask for personal information such as passwords, bank account numbers, user names and/or credit card numbers.
- May have grammatical, typographical, or other obvious errors.
Learn to recognize Phishy links:
- With your mouse, hover over the link to see the actual address where the link is directing you.
- Note the entire URL. Criminals may use pieces of legitimate URLs but not the exact thing.
How good are you at catching a Phish? Take this Phishing Quiz
Phishing Examples: What to Watch For
If you are questioning whether an email or web page is fraudulent, remember these two points:
- SRU will never ask you to validate your account or provide your password in an email.
- Compare examples of a fraudulent email and an email SRU actually sends to people.
This Email is a Fraud
Clues that indicate this email is fraudulent:
- It directs you to a non-SRU website. With your mouse, hover over the link to see the actual address where the link is directing you. In this case, the URL that the link goes to is an offsite location. Do not click the link if it looks wrong to you.
- It asks you to update your account or it will become inactive. SRU will never ask you to validate or verify your account. SRU accounts only become inactive when you leave the University and are no longer eligible for an account OR your account has been reported as compromised and disabled. Learn more about Compromised Accounts.
- The "From" address is fake. Although it says, "Slippery Rock University of Pennsylvania", the actual email lists someone at "psu.edu" as the sender. Beware, because criminals can forge the "From" addresses to look real.
This Email is Safe
Clues that indicate this email is safe:
- It does not ask you to verify or validate anything.
- When you hover over the link, it directs you to our SRU web page.
- It does not ask you to click on a link to change your password.
If You Suspect a Phish
You can report suspicious emails:
- Phishes that appear to impersonate an SRU address or service. Phishing attempts will often impersonate SRU communications. If a phish contains an SRU email address, SRU logo or branding element, is addressed to students, faculty, and/or staff, or uses other key words targeting our SRU community, please report it. Send the entire message with full email headers to helpdesk@sru.edu.
Key Points to Remember
- Seems Odd: If an email seems odd, it's probably spam.
- Unsolicited: If you don't recognize the source or name, please use caution.
- SRU Password Request: SRU will never ask you for your password.
- Copy the URL: NEVER copy a link from a message into a separate browser.
- Be skeptical: Always be skeptical of unsolicited communications asking for sensitive information, even if they appear to come from a trusted source.
- Check the source: Verify the sender’s email address. Phishing emails often come from addresses that resemble legitimate ones, with subtle changes. For example, instead of helpdesk@sru.edu, the phishing email may use helpdesk@sru-university-support.com.
- Check the URL: Before entering any personal information on a website, check the URL to ensure that it is legitimate. Phishing websites often use URLs that are similar to legitimate ones, but with slight variations. For example, instead of https://www.sru.edu, the phishing website may use https://www.sru.university-support.com. Never click on links or download attachments from unknown sources. Even if the source seems known, be cautious.
- Never share sensitive information including your MFA reset question/answers: Legitimate organizations will never ask for sensitive information via email. If you’re unsure, contact the organization directly using a known and trusted method, not through the contact information provided in the suspicious email.
- Use two-factor authentication: Where possible, enable two-factor authentication on your accounts. This adds an extra layer of security, making it harder for attackers to gain access.
- Use strong passwords: Use strong passwords that are difficult to guess. Do not use the same password for multiple accounts. Consider using a password manager to generate and store your passwords.
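The "Check the source" and "Check the URL" points above, as an added example that is not SRU's own tooling: a lookalike address passes a casual glance because it contains "sru", so the check compares the whole hostname against the real domain. The function names and the sample values marked as constructed are assumptions made for illustration.

```python
from email.utils import parseaddr
from urllib.parse import urlsplit

TRUSTED_DOMAIN = "sru.edu"  # the university domain used in this page's examples


def host_is_trusted(host, trusted=TRUSTED_DOMAIN):
    """True only for the trusted domain itself or a genuine subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return host == trusted or host.endswith("." + trusted)


def url_is_trusted(url, trusted=TRUSTED_DOMAIN):
    """Judge a link by the hostname the browser would actually connect to."""
    parts = urlsplit(url)
    if parts.scheme != "https":  # assumption: only https links are accepted
        return False
    # .hostname discards any "user@" prefix and port, so a link such as
    # https://www.sru.edu@example.test/ is judged as example.test.
    return host_is_trusted(parts.hostname, trusted)


def sender_is_trusted(from_header, trusted=TRUSTED_DOMAIN):
    """Ignore the display name and judge only the address's domain.

    A passing result is not proof: the From address itself can be forged.
    """
    _name, addr = parseaddr(from_header)
    _local, sep, domain = addr.rpartition("@")
    return bool(sep) and host_is_trusted(domain, trusted)


# Constructed samples based on the addresses and URLs quoted on this page.
SAMPLES = [
    ("url", "https://www.sru.edu"),
    ("url", "https://www.sru.university-support.com"),
    ("url", "https://www.sru.edu@example.test/login"),
    ("sender", "helpdesk@sru.edu"),
    ("sender", "helpdesk@sru-university-support.com"),
    ("sender", '"Slippery Rock University of Pennsylvania" <someone@psu.edu>'),
]

if __name__ == "__main__":
    for kind, value in SAMPLES:
        check = url_is_trusted if kind == "url" else sender_is_trusted
        print("trusted   " if check(value) else "SUSPICIOUS", kind, value)
```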
If You Get Caught
If you gave personal information in response to a phishing email or on a suspicious web page, your account may be compromised.
- Change your passwords: Immediately change your SRU password. Do NOT set your password back to something you have used previously. You should change passwords regularly and they should be complex, unique, and difficult to guess. Avoid using the same password for multiple accounts and do not share your passwords with anyone.
- Report the incident: Report the incident to Information Technology Support Services at HelpDesk@sru.edu. Swift reporting of an incident helps identify the source of the email and enables Support Services to take the steps needed to prevent further attacks.
- Enable two-factor authentication: As previously mentioned, this is another crucial step toward protecting yourself against phishing attacks. Two-factor authentication adds an extra layer of security, requiring a second form of authentication, such as a fingerprint or a one-time password, in addition to your username and password. This makes it more difficult for cyber criminals to access your accounts, even if they have your login credentials.
- Utilize the Microsoft Authenticator App: The Microsoft Authenticator Application is the recommended method for MFA. With this free app, you can sign in to your SRU Microsoft account without using a password. You’ll use a fingerprint, face recognition, or a PIN for security.
- Monitor your accounts: Checking for malware is a must after responding to a phishing email. Malware is malicious software designed to damage or disable computer systems, steal sensitive information, or spy on user activity. Cyber criminals often use phishing emails to distribute malware. This is why it is essential to scan your device for viruses or other malicious software.
- Contact the company or organization: If you responded to a phishing email that appeared to be from a trusted source, contact the company or organization to alert them. They may be able to take steps to prevent other customers or employees from falling victim to the same scam.
- Educate yourself: Learn more about the different types of phishing attacks and how to spot them. Look out for telltale signs like grammatical errors, suspicious links and requests for sensitive information. Knowing what phishing tactics attackers commonly use will help you avoid being tricked by them in the future.
- Protect your identity: Learn how to protect your identity with a credit freeze.