How to Spot Phishes
If you receive an email, be sure to consider the following:
- Does the URL look right?
- On your smartphone or tablet, press the link and hold down until a dialog box appears containing the URL.
- On your computer, hover over the link with your mouse. The URL will usually appear in the lower left corner of your window.
- Does the login screen look right? Do not enter your NetID password unless you are sure it is safe.
- Are you expecting the document or link? Be suspicious of unexpected emails sharing documents and links you are not expecting. If you are not sure, contact the sender (preferably via text message, phone, or an alternative email address) and ask if they shared a document with you.
- Do you know the person sharing it? Consider the message suspicious if you do not know the person the message is from. Be aware, though, that phishers often use compromised accounts to send their messages, and they can also forge the sending address. If you feel at all unsure, call the person and ask if they shared a document or link with you.
- Can you tell what the document is? Is it clear to you from the document title and message what the document is and why it is being shared with you? Phishers often send vague messages that just say a document has been shared with you. They rely on your curiosity. Do not open suspicious shared documents just to see what they are.
- Beware of flattery. Customized emails complimenting their research and asking them to look at a shared document or link related to it. If it looks suspicious, do not log in.
Phishing resources you can use
- Watch for scams and hoaxes.
- Learn about phishing at phishing.org.
- Google report phishing options.
- Syracuse University Information Security student created video on phishing.
If you need more information or assistance with verifying any email messages, please do not hesitate to contact your local IT support team. You can also contact the ITS Security Department at firstname.lastname@example.org or the ITS Service Center at 315.443.2677 and email@example.com.
For all suspicious emails that appear to impersonate a Syracuse University address or service, send the entire message with full email headers (if possible) to firstname.lastname@example.org.
For Gmail phishes that appear to impersonate a Syracuse University addresses, services, or personnel, send the entire message to ITS Security Department and /or ITS Service Center.
- In the message you would like to report, click the down arrow or 3 dots (more) next to the Reply arrow and select Show original.
- In the Original Message screen, click Download Original to download the page as a .txt file.
- Compose a new message, attach the file you downloaded, and send the new message and attachment to ITS Security Department and /or ITS Service Center.
Some content of this page may have been derived with permission from Safe Computing at University of Michigan