Fight the Phish
2024 Update: PhishAlarm, a new faster way to report suspicious email to the IT Security Office, was made available on all Gmail web and Outlook web, desktop, and mobile interfaces.
This article applies to: National Cybersecurity Awareness Month
You are our best defense
Cybersecurity affects daily life for all of us—both at home and work. Phishing attacks have been escalating worldwide, including sophisticated two-factor authentication scams and the widespread use of ransomware. You are our best defense. Help fight phishing! Use these tips to spot email scams.
Protect yourself against phishing and scams
- If you receive an unexpected message that asks you to click a link or do something unusual like send a gift card, check the Phish Bowl and Verified Cornell Communications to see if it's listed. Report suspected fraud to the IT Security Office.
- Watch out for email targeted to stir your emotions. Criminals try to knock you off balance with threats, a false sense of urgency, or a deal that's too good to be true.
- Beware of unexpected Two-Step Login prompts and protect yourself against two-factor phishing scams.
- Confirm links by hovering over them to reveal the URL before you click.
- Never open links or attachments from untrusted or unexpected sources. It's best practice to be cautious with links and attachments received in email, no matter who sent the message.
- Check the sending address. The message could come from a fake or compromised account.
Build your cybersecurity awareness
According to the FBI, phishing attacks are the most common cybercrime. Scammers know you're overloaded with email and seize the opportunity to catch you off guard. These fraudulent emails claim to be from known individuals or legitimate organizations. They may contain links to fake websites that impersonate popular retail brands (e.g., Amazon, eBay, personal banking), where you are asked to enter your email address, password, or other sensitive information. Some messages also include malicious attachments intended to infect your computer or devices.
The Federal Trade Commission has reported that imposter scams are the top fraud category nationwide. A recent imposter scam involves a phishing email that leads to vishing or a voice phishing attack, designed to trick you into contacting a cybercriminal and giving up your credit card number and other personal details.
Do your part. #BeCyberSmart. Stay safe online and find out more about vishing and other scams with these helpful videos from the National Cybersecurity Alliance:
PhishAlarm, a new faster way to report suspicious email to the IT Security Office, is now available on all Gmail web and Outlook web, desktop, and mobile interfaces.
Comments?
To share feedback about this page or request support, log in with your NetID