Phishing, scams, or suspicious email

Owned by Alex Iuculano (Unlicensed)
Last updated: May 18, 2021

Phishing is the process of attempting to acquire information such as usernames, passwords, or other sensitive data by masquerading as a trustworthy entity. While these can take countless forms, ranging from incredibly simplistic to near perfect copies of a legitimate service - a few simple guidelines can help keep you safe in many cases.

Getting started

While these scams will commonly try to start by getting a knee-jerk response out of you, some may be as simple as a link and nothing else. These attacks come in all shapes and forms, so being aware is paramount.

These kinds of attacks cause millions of dollars of damage each year and is steadily growing.

A few quick tips can severely diminish the odds of one of these attacks succeeding - and if you have any doubts whatsoever about its validity, IT will examine the messages and inform you of any further steps to take.

Reporting a message

Preserving the message headers will make it easier for us to analyze the message. This can be done by creating an attachment of the message in question (this is not the same as forwarding it). If possible, please follow the steps below when sending the message.

Attaching the message with the Outlook desktop app

  1. Select the suspicious message

  2. Press Control+Alt+F on your keyboard, a new message window should appear

  3. Send the message to helpdesk@felician.edu

Attaching the message with the Outlook web app

  1. Create a new message

  2. Click and drag the suspicious message from your inbox to your new message to create an attachment

  3. Send the message to helpdesk@felician.edu

Very often, this can be an immediate red flag that something is amiss. You cannot necessarily trust the name itself on an email - instead, a good habit is to always check the sender’s email address. A well known company is very likely not reaching out to you via an gmail.com or hotmail.com address, for example.

There are generally no restrictions on what one sets as their name with email - it’s the same as you being able to freely sign a paper letter with whatever you want. You’re free to use your name, a nickname, or even someone else’s name. Checking the address will very often expose these kinds of social engineering attempts. Receiving an email with the name of a co-worker in no way guarantees their identity and these attacks are relying on your glancing over this.

If you receive such a message, and it’s not from an address you recognize (ideally, any and all Felician related correspondence should be coming from another @felician.edu or @students.felician.edu email address) then something may be wrong. Remember, security happens in layers - even this isn’t an absolute guarantee. If it sounds strange and it came from a Felician address, something may still be wrong!

Additionally, hovering your mouse over the link will show it to you. This can often be a crucial hint as to whether the destination is where you’d expect it to. Beware look-alikes as well! Just because the company name is in the URL does not guarantee its safety, such as:

  • http://wells-fargo-banking-online.info

  • login.microsoftsecurelogin.net

Context is important

The messages may try to get you to panic, worry, or think that someone or something is waiting for your response. Questioning this is a good first line of defense - do any emails of this kind actually have a reason to be delivered to your work account?

For instance, if you get an email that looks like it came from Spotify, Netflix, or maybe even UPS - do you ever deal with these services on your work email? The same holds true for files, documents, and especially anything dealing with money. If it sounds strange, there’s a definite chance that something’s awry.

These messages can come in the form of messages like (and are in no way limited to):

  • Warning that your account is restricted

  • They’ve noticed suspicious activity

  • Mention that you need to confirm certain (likely personal) information

  • An invoice or credit card statement

  • Asking you to log in to validate or confirm something

  • A notice that you have messages waiting

  • A co-worker forgot the departmental credit card or needs to suddenly buy gift cards