It’s Cyber Security Awareness Month! This is a time to help better understand the cyber threats we face online and the simple steps we can take to minimize those risks. Today we’re talking about phishing emails.

If you receive an email from an address you don’t recognize, your first thought should be: is this email legitimate?  But know that malicious emails can also come from an address that you do recognize – perhaps their account got hacked and is now being used to spam people.

How to Recognize a Phishing Email and What To Do If You Get One

It’s important to be able to recognize a phishing attempt and, most importantly, not be baited.

There’s a good chance an email is a phishing attempt if:

  • It asks you for your password or directs you to a web form asking for your password
  • If the link within the body of the message points to a non-Carleton email address
  • The subject line is in all caps
  • There is a call for immediate action – “download this now” or “confirm you email identity now” or “click on the link below”
  • There are spelling or grammatical errors in the email

If you receive a phishing email do not respond to it, move it to your junk folder (this will mark it as spam), and forward it to the ITS Service Desk.

We then flag the email in our system, which marks it as spam for other users.  If the phishing email contains a link to a website, we report that website to Google and the web host (if available).

IT Security: Our Shared Responsibility

We all have a key role to play in keeping our home computers and personal devices secure online. We also play a big part in keeping our businesses safe from cyber threats.  To learn more about Cyber Security Awareness Month, check out the Get Cyber Safe and the Stay Safe Online websites.