In today’s interconnected digital landscape, phishing attacks have become a pervasive threat, constantly evolving to trick individuals into revealing sensitive information or falling victim to various scams. Recognizing and reporting phishing attempts is crucial for safeguarding personal information and protecting others from these insidious cybercrimes. This blog delves into how individuals can recognize and report phishing, fortifying their online security. 

  1. The Skeptical Mindset: A foundational aspect of defending against phishing is cultivating a skeptical mindset. Internet users must exercise caution when encountering unsolicited emails, messages, or phone calls requesting personal information, financial details, or account access. Vigilance is the first line of defense.
  2. Scrutinizing Sender Information: One of the initial steps in identifying phishing attempts is closely examining the sender’s information. Phishers frequently utilize email addresses or phone numbers that mimic legitimate sources, often with subtle misspellings or unusual domains. Individuals should be on the lookout for these discrepancies.
  3. Generic Greetings: Another red flag in phishing emails is using generic greetings, such as “Dear Customer” or “Dear User,” instead of addressing recipients by name. This impersonal approach is a common tactic employed by cybercriminals.
  4. Hovering Over Links: Before clicking on any link within an email or message, individuals should hover their cursor over it to reveal the actual URL in the status bar. This action helps verify that the link corresponds to a legitimate website, preventing accidental exposure to phishing sites.
  5. Scrutinizing Website URLs: Examining website URLs is critical. Legitimate websites begin with “https://” and display a padlock icon in the address bar to indicate a secure connection. Phishing attempts may use URLs with variations of the genuine domain or incorporate misspellings to deceive users.
  6. Secure Communication: Legitimate organizations typically avoid requesting sensitive information through email or unsecured messaging platforms. Individuals should always verify such requests through official channels, such as a company’s official website or customer support.
  7. Avoiding Information Sharing: A fundamental rule is never to share sensitive information like passwords, Social Security numbers, credit card details, or PINs via email or unsecured communication channels. This practice can thwart phishing attempts seeking to harvest such data.
  8. Caution with Financial Requests: Requests for money transfers, wire transfers, or gift card purchases should raise immediate suspicion, especially when received through unexpected emails or messages. Verifying such requests through direct contact with the requesting party is advisable.
  9. Verification with the Organization: When in doubt about the legitimacy of an email or message from an organization, individuals should independently verify the request. Contacting the organization through official channels, such as their website or customer support, can help confirm the authenticity of the communication.

Education is paramount in the battle against phishing. Individuals should stay informed about the latest phishing techniques and scams, continuously educating themselves on emerging threats. Moreover, sharing this knowledge with family and friends contributes to collective digital safety.

Recognizing and reporting phishing attempts is integral to individual and collective online security. By following the steps mentioned above, individuals can develop a heightened awareness of phishing attempts and contribute to thwarting these insidious cybercrimes. Ultimately, remaining vigilant, reporting suspicious activities, and staying informed are essential in defending against phishing attacks and preserving online security in our interconnected world.

Reporting phishing attempts is a civic duty in the digital age. If you receive a suspicious email in your Chapman account, do not click on any link or reply to the sender. Instead, please continue to report any malicious message by forwarding it as an attachment to abuse@chapman.edu. To see the latest trending scams, please visit www.chapman.edu/scams.


PRIZE ALERT!

For each of the four weeks of Cybersecurity Awareness month, we will have a weekly “challenge” to earn cool prizes! Anyone who completes the weekly challenge will be entered into the raffle for that prize.

Rules:

  • The winner will be randomly selected each week.
  • The winners must be Chapman staff/faculty/students, and submissions will only be accepted from their Chapman email address.
  • Only responses submitted from a Chapman University Email address are accepted.

Week 4 challenge:  Read the information found on the web articles below; please forward 1 Spam and 1 Phish email as an attachment to abuse@chapman.edu. Use the following subject line: “CSAM – Week 4.”

To forward an email as an attachment, open the email you want to forward and press (Ctrl-Alt-F). When the email is forwarded using the “Forward” button in Outlook, the information of the original email is replaced with your information, and it cannot be used to block the attackers.

Week 4 prizes:

  • 1st prize: Sceptre 22in Monitor
  • 2nd prize: Moon Lamp
  • 3rd prize: T-shirt (limited sizes)

That’s it! We hope to hear from all of you, and good luck!

 

Stay vigilant, stay safe!

Chapman University Information Systems & Technology (IS&T)