How to Recognize and Avoid Phishing Scams
How to Recognize Phishing
What is Phishing?
Phishing is the practice of tricking Internet users (as through the use of deceptive email messages or websites) into revealing personal or confidential information which can then be used illicitly or to install malicious software on those devices
What does Phishing look like?
Phishing scams differ, but here are things you should look for:
The sender claims there is a problem with your payment information
The sender says you must confirm your personal information
The sender wants you to click on a link to log in or make a payment
The sender may offer a coupon for free stuff
These emails may look like they are coming from an authorized email, such as your bank, credit card company, social media site, or someone you know.
Phishing Examples
Here is an example of a phishing attempt:
Phishing email from Cofense
Here are the signs that this is a phishing attempt:
Phishing email from Cofense
The subject line: - The use of capital letters and the phrase ”URGENT” are trying to make the user open the email without thinking.
Sender email address - The sender's email address may look like a trusted source but it is actually an unknown Gmail account.
Greeting - This greeting only says “Dear” with no name for the recipient.
Link - The sender does not explain the link at all but wants the recipient to open it. This will download malicious software onto your device.
Here is another example:
Phishing email from Cofense
How to Protect Yourself from Phishing Scams
Preventative Measures for Phishing Scams
Use antivirus software on your computer.
Examples of these are BitDefender Internet Security, ESET Cyber Security, and Trend Micro Internet Security.
Protect your accounts using multi-factor authentication. Multi-factor authentication adds another layer of security to your accounts and will make it harder for someone else to access them.
An example of this is Duo Mobile
Perform regular data backups.
What to do if you receive a phishing attempt
How to report phishing
If you receive an email that appears to be a phishing attempt, you should report the email. With the email open, select the 3 dots in the upper-right of the email and select Report Phishing.
Report the phishing attempt to the Federal Trade Commission (FTC) by forwarding the email to reportphishing@apwg.org or the text message to 7726.
What to do if you responded to a phishing attempt
If you responded to the email with personal information, opened an attachment, or clicked a link and entered information on a phishing attempt, there are additional steps that need to be taken. Feel free to submit a ticket at support.baypath.edu or by emailing phishing@baypath.edu and we can walk you through those steps.