- Alerts and Maintenance
- New to Technology at Butler
- Knowledge Base
- IT Service Catalog
- Policies & Security
- About IT
- Help Desk
No Phishing Allowed!
Phishing is a cybercrime attack often used to steal user data, including login credentials and credit card numbers. It occurs when an attacker, masquerading as a trusted entity, tricks a victim into opening an email or text message. This can also result in your email account becoming compromised and sending out the same scam message to all of your contacts without your approval or knowledge.
Here are some tips to help you avoid falling victim to phishing scams:
- Don't trust the sender display name. Check the "from" email address. Does it look like it matches the sender display name? If something seems off, trust your instincts and delete the message.
- Look - but don't click. If there are any words with links, you can hover your mouse over them in order to view the full link embedded in the message. If it's untrustworthy or the link has been shortened somehow (bitly.com is commonly used in phishing attacks for this purpose), do not click the link. Just the simple act of clicking a link can infect your device with malware and compromise your account.
- Check for typos or grammar mistakes. Typos, especially multiple instances in one message, are becoming less common but still can give away a phishing attempt.
- Analyze the "from" email address. In an attempt to make tip #1 less effective, scammers will often spoof email addresses of trusted organizations. Look for typos, oddly placed characters, and unusual word combinations in the "from" email address.
- Analyze the greeting. Is it a generalized greeting, or a properly customized greeting with your name?
- Analyze the signature. Do you know the sender? Can you verify outside of this message that they've sent it to you?
- Don't share any personal information. Legitimate organizations will never ask for personal credentials or information via email.
- Beware of urgent or threatening language in the subject or message. If a package is being held, an account has been suspended, or you won't believe the embarrassing photo of you, this may be a phishing attempt.
- Don't open attachments. Attachments can include malware and viruses which infect your computer once opened, stealing your passwords or other information or spying on your online activity without your knowledge. Never open email attachments you weren't expecting.
- Trust your instincts. If something doesn't feel quite right, it probably isn't. If the message is purporting to be from a known/trusted source, follow up with that individual or organization by phone or other means outside of the suspicious message.
What to do if you receive a phishing email:
- If you opened the attachment/clicked on the link and provided your information, please contact the Help Desk and follow the recommended phishing next steps.
- If you are able to identify a phishing attempt and did not click on the link/open the attachment, please feel free to delete the message. There is no need to notify IT, as we are almost always made aware of these messages by our filtering and monitoring tools or those who fell victim to the scam. However, if you need assistance in ascertaining whether or not an email is a phishing attempt, please contact us for assistance.