- What is phishing?
- How to tell if it's a phishing email?
- What to do if you think you've been phished?
Phishing is a malicious e-mail impersonating some type of service provider. They attempt to get your account information to gain access to internal systems, such as email, Banner, or shared drives.
Some phishing emails will ask you to forward your username and password, while others will direct you to a website that looks "similar" to CCRI websites to trick you into entering your username and password. The CCRI Help Desk will never ask for confidential information in an email. This includes passwords, DOB or even personal information like your name or address. Furthermore, you should avoid clicking on links in emails that direct you to secure areas as they may potentially be spoofed web pages.
Phishing emails can be identified in the following ways:
- It asks for personal identifiable information, such as your CCRI username or password.
- Threatens to take away access or delete accounts if you do not reply.
- Have spelling or grammatical errors.
- It is being sent from another school or a staff member at the college
- Links in the email direct you to unsecure pages (NOT https).
- Hovering over the links shows you a different address than the one displayed or non-CCRI pages.
These are not inclusive of all messages that could be spam, so when in doubt, you can always forward the email to the CCRI IT help desk at [email protected] for confirmation.
If you have already sent your username and password or click on a link and entered your username and password, you should take immediate action and do the following:
- Change your CCRI passwords. You should also change the password to any system that you use the same password for.
- Check your Sent Mail folder to see if there are any suspicious messages that have been sent from it. This will help confirm if your account had been compromised by another party.
- Check your inbox rules in Outlook Web Access to see if another party has started deleting your messages.