There are several things you can do to protect yourself and ISU against malicious phishing scams. The tips shown below can help you identify a scam and protect institutional information from getting into an attacker's hands. Some best practices are listed below.
The email address. If it is from a legitimate sender, but the “FROM” address is a personal account, like @gmail.com or @hotmail.com, this is probably an attack. Also, check the “TO” and the “CC” fields. Is the email being sent to people you do not know?
Emails addressed to "Dear Customer or other generic greetings. If a trusted organization needs to contact you, they will know your name and information. Also ask yourself: am I expecting an email from this company?
Grammar or spelling mistakes. Most businesses proofread their messages carefully before sending them.
Messages that require “immediate action” or create a sense of urgency. This is a common technique to rush people into making a mistake. Legitimate organizations will not ask you for your personal information.
Only click on links that you are expecting.
Attachments, only open those you are expecting. Never hesitate to verify with the real sender.
Messages that sound too good to be true. (No, you did not just win the lottery or get hired for a job you did not apply for!)
Conent for Panel 5