Phishing scams are more common now than ever before and have evolved well beyond the insincere pleas of imaginary displaced royalty hoping you’ll open a bank account for them. These days you may find that you receive a spoofed email, seemingly from your boss, asking you to purchase gift cards for them. Or you might find a too-good-to-be-true job offer unexpectedly land in your inbox.

Because phishing threats aren’t going anywhere anytime soon, and the results of falling for a scam can be dire, the university has taken steps to help protect you.

Cornell works to protect you from phishing.

If you’ve ever received a suspicious email, then you know how stressful it can be to determine if the message is a real request or an attempt to scam you. Fortunately, the university collects examples of phishing attempts in the Phish Bowl where you can search or browse reported emails positively identified as phishing attempts. Verified Cornell Communications are also available to help you confirm legitimate Cornell emails.

New to the lineup of tools and resources that protect you from phishing is Microsoft Safe Links. Malicious links sent to your Cornell University Microsoft Outlook mailbox, as well as links in other desktop, mobile, and web applications where you are signed in with your Cornell NetID, will be flagged by this security feature. Even if a web site becomes compromised after you’ve received an email, but before you’ve visited it, Safe Links will warn you if the link is risky.

How you can protect you from phishing.

The tools used by cyber criminals all have one major weakness: malicious downloads they hide inside links and requests for your personal information only work if you don’t know what to look for. Once you’ve familiarized yourself with phishing strategies, the easier it will be for you to spot them in your inbox. The National Cybersecurity Alliance has a quick breakdown of the telltale signs of a Phishing attempt. And remember, it’s not just email. Any digital communication, including a phone call, text, or social media message, can be exploited by cybercriminals.

If you use Microsoft Outlook or Teams with your Cornell ID, you can get familiar with the Warning Pages from Safe Links that help you avoid clicking through to a malicious website.

New Phish Fighting Tool for Gmail and Outlook

The new button appears in different places, depending on your device and interface. Examples and additional details can be found on the PhishAlarm instructions page.