Phishing Overview

Summary

This introductory article on phishing provides a description of phishing, examples of spoofed senders, purposes and types of phishing as well as associated risks.

Body

 

Detailed Information

What is phishing

By posing as a person or organization you trust, phish actors exploit people for money, steal information, steal credentials, or plant malware.

Spoofed Senders

Messages may look legitimate or from a trusted source, such as:

  • Someone from the University, such as your supervisor or IT

  • Your bank or credit card company;

  • A government agency; 

  • A company that you may have an account with 

It is easy to replicate a logo, format or web page - tactics used by phishers to make messages look legitimate.

Purposes/Types of phishing

  • Credential Harvesting - Request you to log in to a spoofed site with your credentials, so that the phisher can steal your login credentials

  • Planting Malware - Include an attachment, such as an invoice, which could malware to infect your computer 

  • Scamming - Request that you make a purchase such as gift card, software renewal, or item with a very discounted price; or

  • Request you to verify or provide sensitive information. (ex. SSN, DOB etc.)

Risks from phishing

  • Direct Deposit Changes

  • Loss of money through gift-card or fake job scam

  • Loss of valuable university data or credentials that cause a wide-spread breach

  • Loss of Data such encryption which blocks your access if you don’t pay a ransom

  • Malware that may cause other havoc to your computer or steal data over time.

Other Related Phishing Articles

Environment

  • Phishing can be sent via email, text message, or phone calls.

 

Details

Details

Article ID: 139424
Created
Fri 9/8/23 3:38 PM
Modified
Thu 5/9/24 6:02 PM
Applies To
Students
Faculty
Staff

Related Articles

Related Articles (4)

What to do if you receive a suspicious or phishing email
This Article provides some proactive measures to minimize phishing impact, some ways to react to phishing, and actions to take if you think you were successfully phished.
This article describes signs of phishing, actions that criminals use to trick victim in thinking phishing message are real and phishing training that is offered with simulating message.

Related Services / Offerings

Related Services / Offerings (1)

Security assessment, education, and awareness of campus security requirements, policies, and guidelines. Includes contract reviews and risk assessments.