What are phishing and social engineering emails

Overview 

Criminals use malicious email and websites to try to trick you into revealing your password or other sensitive information or to infect your computer with malware. Universities are common targets. Phishing email often uses urgent language, asks for personal information, and has grammatical, typographical, or other obvious errors.

Acadia blocks a great deal of malicious email for you, but some phishing emails still get through. Learn how to recognize phishing and other malicious email to protect yourself and the university.

How to spot a phish

  • Check links before clicking. Check the full URL to see if it goes where you expect.
    • On your smartphone or tablet, press the link and hold down until a dialog box appears containing the URL.
    • On your computer, hover over the link with your mouse. The URL will usually appear in the lower left corner of your window.
    • Check shortened URL destinations with these shortened URL Security tips.
  • Check to see If the sender is forged. See How to Spot a Spoof.
  • Is the content suspicious?
  • Be careful where you enter your password. Learn what to look for to help spot fake Acadia login pages that many scammers use in phishing. 
  • Pay attention to banners.
    • External Caution Banner. Take note of an automated warning banner at the top of emails received from senders outside the university that contain links or attachments. The email banner urges extra caution with such messages.
    • If it looks like it's from an Acadia email address and it has the External Banner, be wary

Learn More About Phishing

Report Phishing

Acadia users can report phishing by either clicking the Phish Alert Button or forwarding the email to phishalert@acadiau.ca.

Trust your instincts. If it looks phishy, it probably is. Report it (which will delete it) and move on.  

  • If you would like to verify, verify in an alternate fashion - call or check their website. 

If You Get Caught

If you gave personal information in response to a phishing email or on a suspicious webpage, your account may be compromised.

Further Reading

Types of banned attachments

To view your entire quarantine inbox or manage your preferences, Click Here

Employees are automatically enrolled in Annual Security Awareness Training.  Take the training at KnowBe4. Login with your Acadia username and password. 

See below for the Social Engineering Red Flags. 

 

Details

Article ID: 475
Created
Wed 10/11/17 3:32 PM
Modified
Thu 7/14/22 12:23 PM