Phishing is the practice of sending falsified emails with the aim of stealing personal information such as passwords, credit cards, or other sensitive data. Since the basic format of email is highly malleable and copyable, it's relatively easy to make a message look and sound official, and since email is used for many formal and official communications, it's possible to be duped into sharing information with the wrong people, or opening your computer to attack. It's also possible though, and often fairly easy, to spot a number of things that give away the fraud.
Next, they will require some action on your part, such as:
Certainly, a legitimate message could do similar things. So how do you know if it's real? There are a number of things to check that can be quick giveaways:
If you are suspicious, the most important technique is to find another route (besides information or links in the email) to verify any claims. Avoid clicking links in the email. Open a web browser yourself, and go to Lehigh's website, the bank's website, or whatever organization yourself, using your regular route to the site. Use a telephone, and call that person or organization, and ask about the email.
The second most important thing to do, if you're at all uncertain, is to report it. One thing about phishing is that you're likely not alone in receiving the message. 'Phishing' is like real fishing in that the message has been sent to many people, and the scammer is hoping that one person (or a few) out of perhaps hundreds or thousands will "take the bait." If you have strong suspicions, forward the email to the LTS Information Security Office at firstname.lastname@example.org or the LTS HelpDesk at email@example.com. They'll be able to examine it more closely, and notify others to be aware.
Lehigh's Gmail system makes it easy as well: With the questionable message open, select the small 'down arrow' next to the 'reply' button. In the menu, choose 'Report Phishing'.
To hone your spoof-spotting skills, and to see if your spoof has already been reported, LTS maintains a 'Rogues Gallery' of examples of phishing emails that have targeted Lehigh. How might you have spotted these as fake?
Library & Technology Services
8A East Packer Ave,
Bethlehem, PA 18015
Lehigh University provides a leading-edge library and technology environment that enables flexibility, innovation, and effectiveness in all areas of the academic enterprise, including learning and the student experience, research, administration, community-building and outreach.
27 Memorial Drive West, Bethlehem, PA 18015