As part of Fredonia’s ongoing effort to increase cyber security awareness for the campus community, the Information Security Office (ISO) has partnered with the SANS Institute to bring you the “Security Tip of the Month”. The SANS Institute is an internationally recognized leader in information security training, certification, and research.
Can you spot a phishing attack?
Who Is This "From"?
- Watch out for emails that appear to come from trusted sources, such as your bank or employer (e.g. supervisor, Chair, Dean, VP etc.) but the "From" or "Reply-To" address is actually someone’s personal email account, such as @gmail.com. Many scammers use publicly accessible information to conduct spear phishing campaigns. These scams may include your supervisor's picture, contact information, and their legitimate email address could also be embedded in the fraudulent sending address (e.g. email@example.com).
An URGENT Subject
- Does the subject line try to create a tremendous sense of urgency or curiosity? Such subject lines may include "Need a Job?" or "Can you help?" or "IMPORTANT: Verify Transcript".
- Watch out for generic solutions or greetings, such as “Dear Customer” or " Are you busy"?
“I just need your credit card number...”
- Is the sender asking for your password, bank account details, personally identifiable information, apply for a job, or for you to buy gift cards?
Check Before You Click
- Hover over links to find the true destination before clicking on them. If a link redirects you to an unexpected location, do not click on it.
- Be on the alert if an email comes from a friend or co-worker, but seems odd or doesn’t read like something they would send.
Don’t Get Attached
- Do not open unexpected or suspicious attachments.
Report incidents, such as if you have been hacked. We are here to help! If your computer has been infected, don’t try to fix the problem, report it instead to the ITS Service Center (716) 673-3407 or firstname.lastname@example.org.
Please visit answers.fredonia.edu to view other Fredonia cyber security related knowledge base articles.