Phishing Emails and Email Security

Body

What is a Phishing Email?

Spam is a tricky topic. You can find it anywhere: suspicious messages on your social media of choice, advertisements in your email, sometimes even text messages or calls from unknown numbers, all trying to convince you to buy something or hand out some sort of information. There are two major risks, and either one can have annoying or serious consequences, ranging from your email sending out advertisements to your friends to your identity being stolen. These two risks are infection and your account being compromised. Fortunately, both have simple solutions.

Infection, in this situation, generally refers to adware or malware, which can be obtained by any number of means. If you are seeing ads in places that you typically do not, are receiving popups, or your computer is running slowly after opening a page sent to you in an email, you may need to run an antivirus to remove the issue. Fortunately, we have a convenient page listing plenty of antivirus programs that can remove this threat.

Your account being compromised is a more widespread threat. The most common method accounts are compromised by is referred to as phishing, which typically means you were went to a fake website that asked for your login information, which is now using your email to send advertisements to your friends, family, and coworkers. Resolving this is mercifully easy: change your password. Once your password is changed, whoever has been using your account will no longer be able to get in, and your contacts will no longer receive their spam through your email.

With either of these threats, you will want to check through your emails or messages and find out which ones may have caused the problem. To prevent future issues, block the senders at fault and delete their messages. 

Identifying Spam and Phishing Attempts

When you check your email, you may occasionally find advertisements, or odd messages with attachments. As a general rule, if you are unfamiliar with the sender, never open any attachments, as that will open you to the threat of malware infection.

Spam will generally advertise a product and offer some fantastic deal, attempting to bait you into visiting their website. Any page not run through SEMO or its affiliates (for online courses) should not request your login information, much like any site that is not gmail should never ask for your gmail login. Do not enter your password if you even remotely suspect foul play.

To better avoid phishing attempts, here are some general guidelines for identifying them.

  1. Unusual Requests: Many phishing scams will send out a “failed login” or “delivery address required” headline to scare users into entering their information or address. If you do not recognize the source or the problem described does not apply to you, do not enter any information.
     
  2. Misspellings: Phishing operations often originate from overseas, and are often victims of poor translation. Check for spelling and grammatical errors. Any official site would not allow that kind of problem into an official message.
     
  3. Check Links: If you think an email might be legitimate and it contains a link, hover your mouse over it. A common trick used is to send users to a different website than the one the link seems to imply, and placing your mouse over it will reveal where it is actually sending you. If it does not lead where it says it should, do not follow the link.
     
  4. Bad Replication: Another common trick used for identity theft is to recreate website logins. These recreated pages often look slightly different than the regular page and often have a slightly different address. Look for things like different page layouts, misspellings, or missing images. In the address bar, you may recognize that the page you are at is not the one normally used to log in to that website. For instance, instead of www.facebook.com, you may see something like www.facebo.ok/safelogin. Do not enter your information on these pages.

 

 

Reporting a Phishing Email

Southeast Missouri State University's Information Technology Department would like to keep our campus community as safe and secure as possible. In order to accomplish this, the department has begun to keep track of and publish known phishing attempts. Use this page to assist when reporting suspicious emails to the IT department. Once confirmed, the phishing emails will be displayed on the list of Known Phishing Emails.

Use the instructions below to forward suspected phishing emails to the IT Help Desk. Your forwarded email can help the IT department block phishing emails and their malicious links from being accessed by others.

Forwarding Instructions

Apple Mail

1. Select the message in the message list.

2. Move the pointer over the message header, then select the Forward option.

3. Add text explaining that you believe that this is a phishing email and would like to report it.

4. Add helpdesk@semo.edu as the recipient 5. When you're ready, click the send button.

 

Gmail (In-Browser)

1. Open the email you would like to forward.

2. Click on the down arrow in the top-right corner of the email.

3. Select the forward option.

4. Add helpdesk@semo.edu as the recipient.

5. Add text explaining that you believe that this is a phishing email and would like to report it.

6. When you're ready, click the send button.

 

Outlook

1. Open your inbox

2. Right-Click on the email you would like to forward

2. Select the Forward option

3. Enter HelpDesk@semo.edu as the recipient

4. Add text explaining that you believe that this is a phishing email and would like to report it.

5. When you're ready, click the send button.

All Other Email Clients

If the emailing client that you use is not listed here and you would like assistance on forwarding an email, please contact the IT Help Desk at (573) 651-4357 or email them at helpdesk@semo.edu.

 

 

 

 

 

 

 

 

 

 

 

Details

Details

Article ID: 694
Created
Wed 9/22/21 12:07 PM
Modified
Mon 10/11/21 9:20 AM