
Phishing Awareness: Don’t take the bait...

Hackers are Trying to Reel You In

Email is an essential part of our everyday communications. It is also one of the most common methods that hackers use to attempt to gain access to sensitive information. Studies show that more than 90% of data breaches start with a phishing attack.

Phishing uses fraudulent messages designed to appear to be from a legitimate person, business, or organization. They attempt to trick recipients into downloading harmful attachments or divulging sensitive information, including passwords, bank account numbers, and social security numbers.



Common Signs of Phishing

A phishing message often contains clues that you can use to recognize it as an attack, including:

Format Factors
  • Spoofed addresses that falsely appear to be from someone you know
  • Phony domains in email addresses, e.g. NortheastEmplouee@gmail.com
  • An atypical address for that sender
  • A name that does not match the address
  • Generic greeting and closing
  • Poor grammar and odd formatting
  • Spelling and punctuation mistakes
  • Shortened URLs, links with typos, or unusual domain names, e.g. www.paypall.net
  • Vague titles for documents or attachments

Tone and Urgency
  • A call to immediate action
  • Threat of negative consequences if you do not respond immediately
  • Request for help
  • Offering money, goods, or prizes
  • Overly complimentary
  • Requests for personal information or to update payment info
  • Password reset emails or MFA login approvals that you did not request
  • Phony package shipping updates, or fake late payment notifications


Stay Secure, Don't Take the Bait

Slow down and confirm before you click to make sure it's a legitimate site.

  • Double check the domain name (the name following the www in the URL or web address) for misspellings
  • Is the extension (.edu, .com, .net, .org, .gov) correct?
  • Check the sender's email address

If You Suspect an Email Is Phishing

  • Don't open vague or unexpected attachments or call any phone numbers the message provides
  • Don't click embedded links
  • Don't react to urgency. Creating urgency is a tactic used by cybercriminals to get you to click
  • Don’t reveal personal information unless you first confirm that the recipient is legitimate
  • Don't answer unknown phone numbers or reply to the sender
  • Contact the sender at a trusted phone number to confirm any unexpected messages

Think You Might've Fallen for a Phishing Attack?

  • Report any suspected emails to Computer Services
  • Immediately reset the password for the affected account and for any other accounts that use that same password. (You should never reuse passwords.)
  • Monitor all your accounts closely for the next few weeks

How Phishing Works

Let's run through a phishing scam. It starts with a fraudulent email message that appears to come from a popular or trusted website. The email looks official enough that it can seem legitimate. The result is that busy, unsuspecting people respond to the phishing requests by sending credit card numbers, passwords, account information, or other personal information.

The email may also contain embedded links that seem to lead to a legitimate website but actually lead to a "spoofed website." Entering information in this phony site is another way cybercriminals gain personal information that they can use to steal your identity or credit card, or to hack your accounts.
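
The domain checks and the spoofed-link behavior described above can also be checked automatically, for example in a mail filter. The following Python code is an added example, not part of the original page; the trusted-domain list, the 0.8 similarity threshold, and the sample message are assumptions constructed for illustration.

```python
import difflib
from html.parser import HTMLParser
from urllib.parse import urlparse

TRUSTED = ("paypal.com", "example.edu")  # assumed allow-list, not from the page

def host_of(url):  # lower-cased hostname of a URL or bare domain, minus "www."
    host = (urlparse(url if "://" in url else "http://" + url).hostname or "").lower()
    return host[4:] if host.startswith("www.") else host

def lookalike_of(host):
    """Trusted domain whose name `host` copies (wrong extension) or nearly copies, else None."""
    if any(host == t or host.endswith("." + t) for t in TRUSTED):
        return None
    name = host.split(".")[-2] if "." in host else host  # naive: ignores .co.uk etc.
    for t in TRUSTED:
        if difflib.SequenceMatcher(None, name, t.split(".")[0]).ratio() >= 0.8:
            return t
    return None

class LinkCollector(HTMLParser):  # gathers (href, visible text) for each <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, ""
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), ""
    def handle_data(self, data):
        self._text += data
    def handle_endtag(self, tag):
        if tag == "a" and self._href:
            self.links.append((self._href, self._text.strip()))
            self._href = None

def check_links(html):
    """Return (href, reason) for links that show the warning signs above."""
    collector = LinkCollector()
    collector.feed(html)
    findings = []
    for href, text in collector.links:
        target = host_of(href)
        if lookalike_of(target):
            findings.append((href, "lookalike of " + lookalike_of(target)))
        elif text.lower().startswith(("http", "www.")) and host_of(text) != target:
            findings.append((href, "link text shows " + host_of(text)))
    return findings

SAMPLE = ('<a href="http://www.paypall.net/login">Update payment info</a>\n'  # constructed
          '<a href="http://203.0.113.7/reset">www.paypal.com</a>\n'
          '<a href="https://www.paypal.com/help">Help</a>')
```

Calling `check_links(SAMPLE)` flags the first two links and leaves the genuine one alone. A match is a reason to verify the message through a trusted channel, not proof on its own.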