A phishing attack happens when someone tries to trick you into sharing personal information online.
Table of Contents
Table of Contents | ||
---|---|---|
|
If you become a victim of a phishing attack
If you fell victim to a phishing attack please perform the following as soon as possible:
- Change your password immediately by following this guide.
- Enable 2-Step Verification for your Sage Google Account. The How-To article for this can be found here.
- If you are having trouble changing your password or enabling 2-Step Verification contact the Service Center either via phone at 518-244-4777 or by submitting a service request here.
Warning |
---|
If you have disclosed personal information (i.e. bank account number, SSN, credit card numbers, etc.) be sure to contact the institutions who own that information and let them know that you were a victim of a phishing attack. |
...
What is phishing?
Phishing is usually done through email, ads, or by sites that look similar to sites you already use. For example, someone who is phishing might send you an email that looks like it's from your bank so that you'll give them information about your bank account. The Sage Service Center Desk has encountered an increase in emails asking users to purchase gift cards. These emails appear to be from a member of the college, when in fact they are not.
...
- Usernames and passwords, including password changes
- Social Security numbers
- Bank account numbers
- PINs (Personal Identification Numbers)
- Credit card numbers
- Your mother’s maiden name
- Your birthday
- Gift cards (Google Play Store, iTunes, Amazon, etc.)
Info |
---|
The Sage Colleges Service Center Desk and Google will never ask you to provide this type of information in an email. |
Report phishing/suspicious email to the IT Department
If you receive an email you suspect to be a phishing attempt please perform the following steps.
Create a new service request
Open a service request with the Service Center using this link: Report Phishing/Suspicious Email
Gather detail email information
In a new tab
- Open Gmail.
- Open the email you suspect is a phishing attempt.
- Next to Reply , click More Show original.
...
If you've disclosed personal information to an attacker (phisher)
Warning | ||
---|---|---|
| ||
If you have disclosed personal information (i.e. bank account number, SSN, credit card numbers, etc.) be sure to contact the institutions who own that information and let them know that you were a victim of a phishing attack. |
If you've fallen victim to a phishing attack please perform the following as soon as possible:
- Change your password immediately by following this guide.
- Follow the steps below from the If you've received a phishing/suspicious emailsection of this article.
If you've received a phishing/suspicious email
If you've received an email you suspect to be a phishing attempt please perform the following steps.
Warning | ||
---|---|---|
| ||
Do not click on any links or respond in any capacity to the email until the Service Desk has verified if the email is legitimate. |
Report a phishing email to Google
When Gmail identifies that an email may be phishing or suspicious, it might show a warning or move the email to Spam. If an email wasn't marked correctly, follow the steps below to mark or unmark it as phishing.
...
- On a computer, go to Gmail.
- Open the message.
- Next to Reply , click More .
Note: If you're using classic Gmail, click the Down arrow . - Click Report phishingSelect the email using the checkbox to the left of the message in question.
- Click the Report Spam button along the top row of icons.
- On a computer, go to Gmail.
- Open Select the email using the checkbox to the left of the message .
- Next to Reply , click More .
Note: If you're using classic Gmail,click the Down arrow . - Click Report not phishingin question.
- Click the Not Spam button along the top row of icons.
To do the same from the Gmail app on your phone:
- Open the Gmail app.
- Select the email by tapping the icon to the left of the message (usually represented by a profile picture or capital letter).
- Click the three dots in the top right > Report Spam.
Avoid phishing attacks
Be careful anytime you get an email from a site asking for personal information. If you get this type of email:
- Don’t click any links or provide personal information until you've confirmed the email is real. If you are unsure if the email is real open a service request with the Service Center Desk using this link: Report Phishing/Suspicious Email.
- Do NOT open or download any attachments until you have verified the email is legitimate.
- If the sender has a Gmail address, report the Gmail abuse to Google.
Note: The Sage Service Center Desk or Gmail will never ask you for personal information, like your password, over email.
...
- Check that the email address and the sender name match.
- Check if the email is authenticated.
- Hover over any links before you click on them. If the URL of the link doesn't match the description of the link, it might be leading you to a phishing site.
- Check the message headers to make sure the "from" header isn't showing an incorrect name.
Info | ||
---|---|---|
| ||
Google has created a phishing quiz that helps you learn how to spot phishing emails. You can take the quiz here. |
Example of a phishing email
In the example below Alex is the target of a phishing scam by an attacker who is pretending to be Ryeley. The attacker is very convincing; they've used Ryeley's real email signature and changed the sender name to Ryeley's full name. The attackers emails are in red, and the targets emails are in blue.
Date: Wed, Mar 20, 2019 at 6:13 PM
Subject: Urgent Request
To: Alex Markessinis <alex.markessinis@sage.edu>
On Wed, Mar 20, 2019 at 5:59 PM Ryeley Kuykendall <networkadmin@my.com> wrote:
Available?
Ryeley Kuykendall,
Network Administrator
Cowee Hall, Troy Campus
The Sage Colleges
--------------------------------------------
On Wed, Mar 20, 2019 at 6:02 PM Ryeley Kuykendall <networkadmin@my.com> wrote:
I'm in a meeting right now, I ned you to help me complete a task right away from any nearest store around.
Thanks
Ryeley Kuykendall,
Network Administrator
Cowee Hall, Troy Campus
The Sage Colleges
--------------------------------------------
On Wed, Mar 20, 2019 at 6:13 PM Ryeley Kuykendall <networkadmin@my.com> wrote:
Are you receiving my emails?
Thanks
Ryeley Kuykendall,
Network Administrator
Cowee Hall, Troy Campus
The Sage Colleges
--------------------------------------------
Wednesday, 20 March 2019, 11:00 PM +0100 from Alex Markessinis <alex.markessinis@sage.edu>:
Sure? What is up?
--------------------------------------------
Wednesday, 20 March 2019, 11:03 PM +0100 from Alex Markessinis <alex.markessinis@sage.edu>:
Okay.
What do you need?
--------------------------------------------
Wednesday, 20 March 2019, 11:06 PM +0100 from Ryeley Kuykendall <networkadmin@my.com>:
Alexander,
Here is what you need to do for me real quick. I need google play gift
cards, can you get some at the store right now? Let me know to advise
denomination to purchase. I will reimburse you all expense as soon as I'm
done.
Thanks
Ryeley Kuykendall,
Network Administrator
Cowee Hall, Troy Campus
The Sage Colleges
Phishing Red Flags
We've included some red flags below that will help you identify potentially malicious emails.
1. The language, spelling, and grammar are “off.”
Is the email full of spelling errors, or does it look like someone used an online translation service to translate the mail to your language? In the email chain above the attacker phrased this message in a strange way and misspelled the word need.
I ned you to help me complete a task right away from any nearest store around.
2. The sender doesn’t seem to know the addressee.
Is the recipient name spelled out in the email, and are you being addressed as you would expect from the sender? Does the signature match how this sender would usually sign their mails to you? Your bank usually does not address you in generic ways like “Dear customer.” If the email is legit and clearly intended for you, then they will use your full name. In the email above the attacker addresses the recipient by the name Alexander, though the recipients name is actually Alex and Ryeley always refers to recipient by the name Alex.
Alexander
3. Embedded links have weird URLs.
Always hover first over the links in the email. Do not click. Does the destination URL match the destination site you would expect? Will it download a file? Are they using a link shortening service? When in doubt, if you have a shortcut to the site of the company sending you the email, use that method instead of clicking the link in the email.
4. False urgency.
Often attackers will try to scare their victims with a scary subject or one that creates a sense of urgency. They do this so the victim acts quickly and does not take their time when reading the email. In the example above the sender literally titles their email Urgent Request to scare the recipient.
Subject: Urgent Request
5. Sender is asking for money.
Often attackers will ask for money in the form of a wire transfer or in the form of a gift cards. Attackers attempt to get money this way because these modes of money transfer are non-refundable and hard to trace. In the email above the attacker asks the sender to purchase Google Play gift cards.
I need google play gift cards
6. The sender address isn’t correct.
Check if this address matches the name of the sender and whether the domain of the company is correct. To see this, you have to make sure your email client displays the sender’s email address and not just their display name. Sometimes you need to train hawk eyes at the address, since spammers have some convincing tricks up their sleeve. In the example above the senders email is networkadmin@my.com which is not a valid sage.edu email address. We always advocate checking the email address being used to send the email rather than just looking at the senders name.
networkadmin@my.com
You can view a senders email address by viewing the entire email header or by opening up the email or email chain, clicking the downward facing triangle next to "to me" which will display the following info pane:
Column | ||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Related articles
Filter by label (Content by label) | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
...