Phishing
Phishing is a common and dangerous form of cyberattack where malicious individuals attempt to deceive users into providing sensitive information, such as passwords, credit card numbers, or personal details. These attacks often appear as legitimate emails, text messages, or on websites that trick recipients into clicking malicious links, downloading harmful attachments, or providing personal information. Staying vigilant against phishing is crucial to protecting personal data and campus systems.
Scammers like to impersonate individuals with authority (president, provost, dean, chief information officer, system administrators, etc.) or generic organizations (help desks, software companies, banks, medical providers, governmental agencies, etc.).
Being cautious and verifying suspicious emails before interacting with them can prevent falling victim to phishing attempts.
Common signs
- Suspicious sender address: The sender's email address might be slightly altered to look like a trusted organization (e.g., helpdesk@cimch.com instead of helpdesk@cmich.edu).
- Urgent, alarming, or threatening language: Phishing emails often create a sense of urgency or fear, such as warnings about account suspension, unauthorized access, or overdue payments.
- Generic greetings: Instead of addressing you personally, they use generic terms like "Dear Customer" or "Valued Member."
- Poor grammar or spelling: Many phishing messages contain grammatical errors, awkward language, or strange phrasing that is not typical of legitimate businesses. Unfortunately, artificial intelligence is helping wrongdoers craft better messages than ever.
- Unsolicited or suspicious attachments or links: Be cautious of unsolicited emails asking you to download files, click on links, or click on attachments. These often lead to malicious websites or install malware. Just because an attachment appears to be in one format doesn’t mean it is. A harmful .exe file can be easily disguised as a .pdf or .jpg.
- Mismatch between URLs and displayed links: Hover over links in the email to see where they actually lead. If the URL does not match the displayed text or seems strange, it's likely a phishing attempt.
- Requests for sensitive information: Legitimate companies will never ask for sensitive data like passwords, social security numbers, or credit card information via email.
- Too-good-to-be-true offers: Phishing scams may promise prizes, rewards, or financial windfalls that seem unrealistic.
- Spoofed websites: Phishing attempts may include links to fake websites that look nearly identical to legitimate ones but have slight differences in the URL.
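Several of the signs above (a lookalike sender domain, a link whose visible text does not match its destination, a trusted name buried inside an unrelated host, a generic greeting, urgency wording, and an attachment whose extension does not match its contents) can be checked mechanically. The script below is an added example, not code from this page or from the OIT Information Security Office; it runs the checks over a constructed sample message. The trusted domain cmich.edu and the lookalike cimch.com come from the page; the sample messages, the file-signature table, the keyword lists, and the edit-distance threshold of 2 are assumptions chosen for the demonstration.

```python
import re
from email import message_from_string
from email.policy import default
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumption: the organization's real domain (the page's own example pairs it with cimch.com).
TRUSTED_DOMAIN = "cmich.edu"

# Minimal file-signature table for the formats the page mentions (constructed).
MAGIC = {b"%PDF": "pdf", b"\xff\xd8\xff": "jpg", b"MZ": "exe"}

# Constructed keyword lists for the "urgency" and "generic greeting" signs.
URGENCY_WORDS = ("urgent", "suspended", "immediately", "within 24 hours", "overdue")
GENERIC_GREETINGS = ("dear customer", "valued member", "dear user")

# Constructed sample messages: one that shows the warning signs, one that does not.
SAMPLE_EMAIL = """\
From: IT Help Desk <helpdesk@cimch.com>
To: user@cmich.edu
Subject: [External] URGENT: Your account will be suspended
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/html

<p>Dear Customer,</p>
<p>Click <a href="http://cmich.edu.login-verify.example/reset">https://cmich.edu/reset</a> within 24 hours.</p>
--b1
Content-Type: application/octet-stream; name="invoice.pdf"
Content-Disposition: attachment; filename="invoice.pdf"
Content-Transfer-Encoding: base64

TVqQAAMAAAAEAAAA
--b1--
"""

CLEAN_EMAIL = """\
From: IT Help Desk <helpdesk@cmich.edu>
To: user@cmich.edu
Subject: Scheduled maintenance
Content-Type: text/plain

Hello Pat, the maintenance window is Saturday morning.
"""

LINK_RE = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)


def levenshtein(a, b):
    """Edit distance between two strings, used to spot lookalike names (cimch vs cmich)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def check_sender(from_header):
    """Flag a sender domain whose main label is within 2 edits of the trusted one."""
    domain = parseaddr(from_header)[1].rpartition("@")[2].lower()
    if not domain or domain == TRUSTED_DOMAIN or domain.endswith("." + TRUSTED_DOMAIN):
        return []
    brand = TRUSTED_DOMAIN.split(".")[-2]
    label = domain.split(".")[-2] if "." in domain else domain
    if levenshtein(label, brand) <= 2:
        return [f"lookalike sender domain: {domain} resembles {TRUSTED_DOMAIN}"]
    return []


def check_links(html):
    """Compare each link's visible text with its real destination host."""
    findings = []
    for href, text in LINK_RE.findall(html):
        text = re.sub(r"<[^>]+>", "", text).strip()
        host = (urlparse(href).hostname or "").lower()
        if text.lower().startswith(("http://", "https://", "www.")):
            shown = (urlparse(text if "://" in text else "http://" + text).hostname or "").lower()
            if shown != host:
                findings.append(f"link text shows {shown} but points to {host}")
        # cmich.edu.login-verify.example is not cmich.edu; the trusted name is just a prefix.
        if host != TRUSTED_DOMAIN and not host.endswith("." + TRUSTED_DOMAIN) and TRUSTED_DOMAIN in host:
            findings.append(f"trusted name embedded in unrelated host: {host}")
    return findings


def check_language(subject, text):
    """Flag generic greetings and urgency or threat wording."""
    blob = f"{subject}\n{text}".lower()
    findings = []
    if any(g in blob for g in GENERIC_GREETINGS):
        findings.append("generic greeting")
    if any(w in blob for w in URGENCY_WORDS):
        findings.append("urgency or threat language")
    return findings


def check_attachments(msg):
    """Flag an attachment named .pdf/.jpg whose first bytes are a Windows executable header."""
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        ext = name.rpartition(".")[2].lower()
        head = (part.get_payload(decode=True) or b"")[:8]
        actual = next((kind for sig, kind in MAGIC.items() if head.startswith(sig)), "unknown")
        if ext in ("pdf", "jpg", "jpeg") and actual == "exe":
            findings.append(f"attachment {name} claims .{ext} but is a Windows executable")
    return findings


def analyze(raw):
    """Run every check over a raw RFC 822 message and return the list of findings."""
    msg = message_from_string(raw, policy=default)
    body = msg.get_body(preferencelist=("html", "plain"))
    html = body.get_content() if body else ""
    findings = check_sender(msg["From"] or "")
    findings += check_links(html)
    findings += check_language(msg["Subject"] or "", re.sub(r"<[^>]+>", " ", html))
    findings += check_attachments(msg)
    return findings


if __name__ == "__main__":
    for label, raw in (("sample", SAMPLE_EMAIL), ("clean", CLEAN_EMAIL)):
        print(label, analyze(raw))
```

The checks are heuristics, not proof: a message that triggers none of them can still be phishing, and the "within 2 edits" rule will miss lookalikes built from homoglyphs or extra words. Their value is in surfacing the same signals a careful reader looks for, so they are a useful complement to forwarding the message for review, not a replacement.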
How to handle suspected phishing messages and spam
Forward the message to spambusters@cmich.edu, as an attachment if possible, so the original headers are included. The OIT Information Security Office (ISO) will evaluate it and determine whether any action is necessary. If you simply want to know whether a message is legitimate, forward it to spambusters@cmich.edu (again as an attachment if possible) and state in the body that you are asking whether the message is legitimate or malicious; a member of the ISO will let you know as quickly as possible.
- If you use the Outlook desktop client, you can use the “Report” button and select “Report Phishing.” This automatically sends the report to spambusters@cmich.edu as an attachment.
- Don’t reply or click on any attachment or link, including any “unsubscribe” link.
- Delete the message.
- Block the sender.
- Note the [External] tag in the subject of emails. This tag gets automatically applied to any message received from someone outside of our Microsoft 365 tenant. While this doesn’t necessarily mean the message is malicious, it is another indicator to be aware of, especially if the sender is purporting to be someone at CMU.
- Create rules or filters.
- Search for the legitimate sender organization online and contact them using the information provided on their website.
- Confirm the authenticity of the message.