Ways to Recognize a Phishing Message
Many phishing email messages are poorly constructed, making them obviously suspect, but others may appear on the surface to be from a legitimate Puget Sound email address or external service (e.g. Microsoft, Google, Dropbox, Wells Fargo). You should always avoid clicking on links or opening attachments in email messages from unknown or suspicious sources. Be especially careful when checking email on a mobile device as many telltale signs are difficult to detect.
Common signs an email may be phishing:
- Has a "Caution" banner prepended to the body of the message
- Comes from an unrecognized email address outside the *@pugetsound.edu domain
- Sense of urgency
- Contains threats like shutting off a service or exposing information
- Display name does not match email address
- Reply-to email address does not match sending address
- Asks you to click a link for verification or upgrade
- Links to a shared document you are not expecting
- Impersonates third-party applications not used by the university
- Hyperlinked text or buttons lead to an unfamiliar website (hover over linked text to show URL path)
- Contains attachments with unusual file extensions (e.g. .htm, .html, .exe, .dmg, .ps1)
- Demands payment via Bitcoin
- Sent outside normal business hours
- Bad spelling or grammar
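Several of the signs above can be checked mechanically from a message's headers and body. The following is an added example, not a Technology Services tool: it checks one raw message for an external sender, a display name that shows a different address, a Reply-To mismatch, an attachment extension from the list above, and link text whose URL differs from the real target. The sample message, the example.net and example.com domains, and the sign labels are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse
ORG_DOMAIN = "pugetsound.edu"                          # domain named on the page
RISKY_EXT = (".htm", ".html", ".exe", ".dmg", ".ps1")  # extensions listed on the page

# Constructed sample message; example.net and example.com are placeholder domains.
SAMPLE = '''From: "helpdesk@pugetsound.edu" <notice@example.net>
Reply-To: support@example.com
Subject: Verify your account
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/html

<a href="https://login.example.net/verify">https://www.pugetsound.edu/</a>
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="invoice.html"

placeholder
--b1--
'''

def phishing_signs(raw):
    """Return the signs found in one raw RFC 5322 message (labels are this example's own)."""
    msg, signs = message_from_string(raw), []
    name, sender = parseaddr(msg.get("From", "").lower())
    if sender.rpartition("@")[2] != ORG_DOMAIN:
        signs.append("external-sender")
    # Narrow reading of "display name does not match": the name shows a different address.
    shown = re.search(r"[\w.+-]+@[\w.-]+", name)
    if shown and shown.group() != sender:
        signs.append("display-name-mismatch")
    reply_to = parseaddr(msg.get("Reply-To", ""))[1].lower()
    if reply_to and reply_to != sender:
        signs.append("reply-to-mismatch")
    for part in msg.walk():
        fname = part.get_filename()
        if fname and fname.lower().endswith(RISKY_EXT):
            signs.append("risky-attachment")
        if part.get_content_type() == "text/html":
            html = part.get_payload(decode=True).decode("utf-8", "replace")
            for href, text in re.findall(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', html, re.I | re.S):
                shown_host = urlparse(text.strip()).hostname
                if shown_host and shown_host != urlparse(href).hostname:
                    signs.append("link-text-mismatch")  # what hovering over the link reveals
    return signs
```

A message that trips none of these checks can still be phishing; the checks cover only the signs that are visible in headers and markup.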
Spam Messages Versus Phishing
While both spam and phishing result in receiving unwanted messages, spam is generally not harmful while phishing actively targets the recipient with the goal of stealing login credentials or sensitive data. Spam messages are typically unsolicited commercial emails. There is no need to report spam email messages to Technology Services unless you think it may be malicious. To handle spam emails, you can block the sender if desired, then simply delete the email.
- In Outlook on Windows: right-click on the email, hover over "Junk" then click Block Sender.
- In Outlook on Mac: right-click (Control + Click) on the email, hover over "Junk Mail" then click Mark as Junk and/or Block Sender.
- In Webmail (Outlook Web Access): right-click on the email, then click Mark as Junk.
How to Report a Phishing Message
If you think you may have fallen for a phishing scam, please contact the Technology Service Desk immediately at 253.879.8585. Aside from changing your password, there are other steps needed to mitigate the risk of a compromised account.
If you are reporting a phishing email or have a question about the validity of an unexpected email message, you can simply forward the email to firstname.lastname@example.org. If you are able to send the email as an attachment for us to better investigate, please use the directions below.
- In Outlook on Windows: select the email, click More, then click Forward as Attachment.
- In Outlook on Mac: select the email, then click Attachment.