Every day this week, the Office of Technology Services (OTS) will provide a common phish scenario-examples that have actually tricked members of the TU community-along with advice on how to recognize and deal with phishing. Don’t fall for it!
What is phishing?
Phishing is an email sent by malicious hackers, designed to look like they are coming from a credible source that you trust. Often, the email will contain a link that redirects to a fake login in an attempt to steal your credentials. An attacker may use these credentials to gain access to critical applications, leading to a data breach, like the recent Yahoo! mail hack.
What does a phishing email look like?
Phishing emails may ask you to send or “confirm” your login ID and password. They can threaten to close your account or ask you to visit a phony website and provide personal information. The messages often appear to come from an organization you trust, using copied logos or branding – and may even contain the online signature of known contact.
How to avoid falling for phishing
- Never respond to messages that request sensitive information.
- Do not click on links, reply to the message, or call phone numbers provided within the message.
- Confirm the authenticity of the email by calling the sender using the TU phone directory (not a number provided in the email).
How you can protect Towson University
The Office of Information Security strongly recommends these general steps:
- Forward all suspicious email to phishing@towson.edu, and then delete the email from your inbox.
- Change your NetID password frequently; visit towson.edu/NetID for instructions.
- Visit towson.edu/phishing for more advice on recognizing phishing, and to see recent examples of actual phishing attempts.
