Phishing
Phishing (pronounced "fishing") is one of the most common forms of social engineering we see at the University. The most common channels are email, text messages (smishing), voice messages (vishing) and social media messaging. Phishing emails and messages will typically claim that something is going to happen to your account if you don't verify it now. These attempts usually involve clicking on a link to a page where you are asked to provide your username, password, the answer to a password security question, an account number, a credit card number or other sensitive information. These messages can look like they are from someone at the university or mimic pages such as the login page. Attackers will also try to fool you into clicking on malicious links or opening malicious attachments in an email.
Learn how to spot a phishing attempt to prevent you from taking the bait and getting hooked.
How to Spot a Phish
- Urgency: Does the message want you to make a decision now, before thinking? Many phishing emails threaten to delete or lock your account if you don't respond within a certain time frame. Attackers count on people reacting before they think. Reread the message and don't panic. Contact your boss, coworkers, friends, family members, teachers, etc. to confirm whether the request is really urgent.
- Headers: Check who the message is from: both the sender name and the email address. No legitimate email from the university or other businesses will come from an @gmail.com account. The 'From:' field can easily be manipulated to show a false sender name. Learn how to view headers.
- Message: Does anything about the message seem wrong? Does it seem too good to be true? Does it ask you to verify any personal information? If you have the slightest doubt, don't risk it. Never email an address you don't recognize or can't find information about on a website contact or directory page. If you would like to verify with a company that "sent you an email" you can find support contact information from that company's website. For Weber State, contact the IT Service Desk: csupport@weber.edu or 801-626-7777.
- Greeting: Most phishing emails aren't personalized. Does the message address you in a generic way, for example "Dear weber account user,"?
- Grammar and Spelling Errors: Messages from the university and from reputable companies go through several drafts before being sent out. Phishing emails often contain grammar and spelling mistakes and can be poorly written in general. Be sure to thoroughly read emails that say they are from companies you know. Be aware that with the emergence of AI tools, phishing emails may become more sophisticated and contain fewer grammatical and spelling errors.
- Links and Attachments: Suspicious links and attachments are a clear indication of a phishing message. Hover over links with your mouse cursor and verify them. On your mobile device you can hold your thumb on the link, but don't tap it. If the link text doesn't match the actual destination, it is most likely a phishing email. Never click on a link in these emails. Be cautious when opening attachments from emails. Weber State will never ask you to change a password through a link in an email. Password changes are only made through the Password Self-Service portal. Never share your Duo information with anyone or type it into a form.
- Fake Webpages, Images and Forms: Hackers will duplicate the look of a real company or website; they can copy the name of a company or of an actual employee; they build sites that are visually similar to Weber State's login portal and create forms to get you to input sensitive data. Do not fall for these. Always check the URL. Navigate to the intended website by typing its address in rather than clicking a link in an email to update information such as a password.
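The checklist above can be turned into an automated first pass over a raw email. The script below is an added example, not part of the University's page or tooling: it parses one message and reports a mismatched sender display name, urgency wording, a generic greeting, and links whose visible text points to a different host than the real target (what hovering over the link would reveal). The sample message, the urgency word list and the TRUSTED_DOMAIN value are constructed assumptions for the demonstration.

```python
import re
from email import message_from_string, policy, utils
from html.parser import HTMLParser
from urllib.parse import urlparse
# Constructed sample message for illustration; not a real email.
SAMPLE = """From: "Weber State IT Service Desk" <wsu.helpdesk@gmail.com>
Subject: URGENT: your account will be locked in 24 hours
Content-Type: text/html

<p>Dear weber account user,</p>
<p>Verify your password now: <a href="http://account-verify.example.net/login">https://weber.edu/login</a></p>
"""
TRUSTED_DOMAIN = "weber.edu"  # assumption: the institution's own mail domain
URGENCY = re.compile(r"\b(urgent|immediately|within \d+ hours?|locked|suspended|deleted)\b", re.I)
GENERIC_GREETING = re.compile(r"\bdear\s+(user|customer|\w+\s+account\s+user)\b", re.I)

class _Anchors(HTMLParser):
    # Collect (href, visible text) pairs so the shown link can be compared with the real target.
    def __init__(self):
        super().__init__()
        self.pairs, self._cur = [], None
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._cur = [dict(attrs).get("href", ""), ""]
    def handle_data(self, data):
        if self._cur is not None:
            self._cur[1] += data
    def handle_endtag(self, tag):
        if tag == "a" and self._cur is not None:
            self.pairs.append((self._cur[0], self._cur[1].strip()))
            self._cur = None

def phish_indicators(raw: str) -> list[str]:
    """Return the red flags from the checklist above that are present in one raw email."""
    msg = message_from_string(raw, policy=policy.default)
    name, addr = utils.parseaddr(str(msg.get("From", "")))
    domain = addr.rsplit("@", 1)[-1].lower()
    body = msg.get_content()
    hits = []
    if "weber" in name.lower() and not domain.endswith(TRUSTED_DOMAIN):  # e.g. a @gmail.com sender
        hits.append(f"display name '{name}' but sender domain is {domain}")
    if URGENCY.search(str(msg.get("Subject", "")) + " " + body):
        hits.append("urgency language in subject or body")
    if GENERIC_GREETING.search(re.sub(r"<[^>]+>", " ", body)):
        hits.append("generic greeting")
    parser = _Anchors()
    parser.feed(body)
    for href, shown in parser.pairs:  # what hovering over the link would reveal
        if shown.startswith("http") and urlparse(shown).hostname != urlparse(href).hostname:
            hits.append(f"link text shows {urlparse(shown).hostname} but goes to {urlparse(href).hostname}")
    return hits
```

Running `phish_indicators(SAMPLE)` reports all four indicators for the constructed message; a plain message from a weber.edu address with matching links returns an empty list.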
What should I do if I receive a phishing email?
- Do not respond to any email you suspect is phishing. Never click on links or attachments.
- Mark the email as phishing. To do this, tick the email's checkbox, click the three-dot dropdown near the top right corner of the email, choose Report Phishing, and then delete the email.
For more information on how to handle unwanted or suspicious emails, visit Unwanted or Suspicious Emails.
What if I responded?
If you entered your WSU account or personal information as the result of a spoof or phishing message, take action quickly.
- Work message event:
  - Change your password immediately!
  - Send a copy of the message header to our ISO office, security@weber.edu, or the IT Service Desk, csupport@weber.edu.
  - Open a help desk ticket with the Service Desk to have your device checked.
  - Make sure your operating system and apps are updated.
  - Learn how to better spot a phishing email.
- Personal message event:
  - Send a copy of the message header and the entire text of the message to the Federal Trade Commission at spam@uce.gov.
  - If you entered credit card or bank account numbers, contact your financial institution. Immediately change your passwords.
  - If you think you may be the victim of identity theft, contact your local police.
Additional Resources