Ben Hill Griffin 252
Monday - Friday 7:30 am 5:00 pm
Phone: (239) 590-1188
Identifying Phishing Emails
What is Phishing?Phishing is an attempt to steal personal informartion, financial information, or your username and password for an account by misleading a user into trusting a fraudulent email or website. Why is it called "phishing"? It's a variation of "fishing" -- as in "fishing for information." Phishing has been around since the early days of the Web, when the scam du jour was pretending to be an AOL customer service agent in order to steal account information for free Internet access.
Things to Look for:1. First, Florida Gulf Coast University, and most other organizations, are never going to ask you for your password via email, phone, or any other method. Again, we will NEVER ask you for your password under any circumstance. Your password is only for you and should never be shared with anyone else. Any email requesting your FGCU credentials is always going to be a phishing email and you should report it to email@example.com right away.
2. Phisher's will typically attempt to panic you into following their link or replying to their email. They will use things like:
3. Phisher's will usually send these emails in bulk and often do not contain your first or last name. Often they will address you like:
4. Look where the emails are coming from and where they go when you click 'reply'. Phishing emails will always appear to come from a legitimate source, but have
reply addresses to other domains. Look at the example below:
5. If the suspected phishing email has links or URLs in it that look like they could be legitimate hover over them with your mouse to see
where they really take you. It is trivial to create a link going to one page, but look like it points to another. Look at the example below:
Final TipsNever reply to Phishing emails. If they are FGCU related please forward them to firstname.lastname@example.org.
FGCU and most other organizations will never ask for your account information via email.
User your best judgement, but never follow links in suspected Phishing emails. User your bookmarks or manually enter the URL instead.
Here is an example Phishing email that was recently sent to some FGCU staff and faculty. Thanks to everyone
that reported this to us!
This is a classic example of a Phishing email. Note that it's requesting your account information, isn't directly addressing anyone, has a bad return address, and is threatening that your Webmail will be revoked permanently if you don't comply.
If you ever have a question on whether or not an email or website is fake you can always call the Help Desk at 590-1188 and we can help you out. Remember to always keep your Operating System updated, and make sure you have updated Anti-Virus and updated Anti-Spyware software installed.