Read today’s Phish Tank scenario and if you get a similar email, be sure to follow the “what to know” advice.
The phish: An email appears to be from the IT office or any other TU office that uses single sign-on (the university login process that requires your NetID and password to gain access). There is a link to sign, and you are asked to provide your TU credentials. See an actual email example of this type of phish.
What to know:
- Don’t click! Hover over the link that is provided to see where it will send you.
- The Office of Technology Services at Towson University does not go by “IT,” we are always referred to as OTS.
- If you mistakenly end up on a login page, check the URL (the web address as shown in the top of the login screen) to make sure it is legitimate. Fraudulent login screens can look convincingly authentic.
- Forward the email to phishing@towson.edu, and then delete the email from your inbox.
How you can protect Towson University
Change your NetID password frequently-see instructions at towson.edu/netid. Visit towson.edu/phishing for more advice on recognizing phishing, and to see recent examples of actual phishing attempts.