Phishing: Don’t take the bait

Phishing is fraudulent emails, texts or calls that appear to be from companies or people that you know, but are actually from scammers. These threats attempt to obtain the university’s or your private information, passwords or account numbers to allow scammers to commit fraud. Phishing emails use deceptive means such as forging the sender’s address and often ask for the reader to reply, call a phone number or click on a link in the message. Other forms of phishing include spear phishing and spoofing.

Spear phishing, like regular phishing, is an attempt to gain private information through deception, but are generally aimed at a specific target, whereas as regular phishing casts a wider net among a larger group of people. E-mail spoofing involves sending an email that pretends to be from a well-known company, a close family member or a respected individual from your organization. Spoofing can also be carried out in person, over the phone or via malicious pop-up windows or “spoofed” (fake) websites.

Elon Email Tip Sheet

A partial image of a phishing email example

Learn more about the red flags found in many phishing emails.

Identify Potential Threats

Using phishing emails, scammers attempt to lure you into to sharing sensitive data such as passwords, credit card numbers, bank account numbers and other information in order to steal your identity or commit fraud in your name.

Common red flags are messages that:

  • Don’t address you by name
  • Create a sense of urgency
  • Asks for sensitive, personal information
  • Invoke fear, greed or other strong emotions
  • Contain unexpected attachments
  • Feature poor spelling or grammar throughout
  • Contain links that lead to unfamiliar websites or don’t match legitimate resources for the organization

Avoid Cyber Dangers

Be proactive in avoiding cyber security dangers with these tips:

  • Keep personal information, passwords and login credentials private
  • Hover over links to check for authenticity
  • Never click links or open attachments in suspicious emails
  • Call to verify the message source, contact information and request
  • When in doubt, contact Campus Technology Support for help, (336) 278-5200

Protect Your Accounts

Be mindful of ways you can safeguard your accounts from phishing scams, such as these tips:

  • Never share passwords and login credentials
  • Utilize multi-factor authentication, a second step such as a text code, to confirm your identity
  • Ensure that security updates for your computers and other devices are current
  • Back up data often
  • Be sure that you’re using a secure web site when submitting credit card or other sensitive information
  • Avoid completing forms on a website unless you are certain it is secure

Have you been scammed?

If you think you’ve been the victim of a phishing scam:

  • Change any compromised passwords immediately
  • Scan your computer or device for viruses
  • Review activity for email and accounts
  • Contact your bank to report that you may have been the victim of fraud
  • If your Elon issued computer or device has been compromised, contact Campus Technology Support immediately at (336) 278-5200