Read today’s Phish Tank scenario and if you get a similar email, be sure to follow the “what to know” advice.
The phish: an email appears to be an official TU email (example: from the Office of the Provost, Office of Human Resources, etc.) asking for some Personally Identifiable Information (PII), for you, your staff or your students. See an actual example (PDF) of an email that appears to be from a TU office.
What to know:
- Do not reply to the email. Pick up the phone and call the sender to verify they are looking for this type of sensitive info.
- If the request for PII is legit, use Secure share to send the file-don’t attach it to the email.
- If they did not send the email request, forward the email to phishing@towson.edu, and then delete the email from your inbox.
How you can protect Towson University
Change your NetID password frequently-see instructions at towson.edu/netid. Visit towson.edu/phishing for more advice on recognizing phishing, and to see recent examples of actual phishing attempts.