As we wind down from a busy semester and leap into finals week, it can be easy to let your guard down when protecting your information. Here is a little refresher for avoiding phishing attacks.

Phishing is an attack on your computer using email or malicious websites to solicit personal information, often financial. These attacks typically come in the form of an email from a seemingly reputable credit card company or financial institution that requests account information. Here are some tips to avoid falling victim.

• Be suspicious! Never automatically assume an email is legitimate – even if it looks like it’s from MSU!
• Do not reveal personal or financial information over email. Reputable companies will never ask you for this information via email.
• Pay attention to the URL and proceed with caution when clicking links in emails. The URL is usually a dead giveaway of malicious intent. Take a look at the example below; see how the email looks pretty normal until I hover over the link? This is a classic phishing attempt.

Have a safe winter break, Bears!

By Addie Padgett, Information Security Graduate Assistant