#TipTuesday: Protect Yourself from Phishing Attempts - Information Services

Information Services

#TipTuesday: Protect Yourself from Phishing Attempts

by

Phishing emails are on the rise, and it’s important to know how to recognize and protect yourself from these attempts to steal your data.

According to Microsoft, phishing emails are designed to steal information, usually in an attempt to steal money and other valuable data. Cybercriminals can do this by installing malicious software or stealing personal files and data on your computer, and they often aim to convince you to install malicious software or hand over your personal information under false pretenses.

Here are some tips from the Information Security office on how to protect yourself from phishing attempts:

  • Be suspicious! Cybercriminals often attempt to make emails look like they are from someone you trust, such as your university’s Help Desk or IT Support, popular companies like PayPal or Bank of America, or even people you may know, like a classmate or even a professor. Look carefully at the “From” address in emails you receive. Cybercriminals may use email addresses similar, but not identical, to Missouri State’s, like missouristateedu.com.
  • Know where your reply is going. A tactic used by cybercriminals is setting a “Reply-to” address that is different from the “From” address. Before you reply to an email, check that the “To” address in your reply matches the sender’s address. For example, the email you receive might say that it’s from MSU Help Desk, but when you hit the “Reply” button the address in the “To” field is IThelp@msu.com, which is not a legitimate email address for our Help Desk or even a Missouri State account.
  • Avoid suspicious links and attachments. Be suspicious of any email that asks you to “verify” or “confirm” your login credentials by clicking on an email link. You can check to see if links are legitimate by hovering over them with your mouse. This will show you a preview of the link’s true web address. If the website address does not match the description or is different from the link listed in the email, do not click it!
  • Do not reveal personal or financial information over email. Reputable companies, including Missouri State, will never ask you for this information via email. Personal information includes your account usernames and passwords
  • Look out for secrecy and urgency. Cybercriminals will often try to avoid your suspicion by making their request sound secret and urgent. Phrases like “Do this immediately” or “Please do not speak with anyone by phone or email” should be red flags. You should also be wary of any email that threatens to revoke your access or close your account. Cybercriminals often threaten users to scare them into giving out their information.

If you do fall prey to a phishing attempt, either by clicking a link, downloading an attachment, or replying to an email, and you give out any personal or financial information, contact Information Security as soon as possible. The best thing to do is send them the original phishing email as an attachment. You can also forward the phishing email to phish@office365.microsoft.com.

If you have any questions or concerns, contact Information Security at InformationSecurity@missouristate.edu or 836-8391.

Stay safe out there, folks!

 

 

Contact the Help Desk

Phone: 417-836-5891

Email: HelpDesk@MissouriState.edu

Online: HelpDesk.MissouriState.edu

Follow us on Facebook and Twitter for news, updates, and other #TipTuesday posts!