Home - Information Services - Get Help - How-to-Guides - Email & Calendar - Beware of Phishing Emails
Beware of Phishing Emails
Phishing emails are fraudulent emails sent by cybercriminals who are trying to lure confidential information (e.g., passwords, bank account numbers, etc.) from you. Usually, phishing emails look like they are coming from trustworthy sources (e.g., a bank, credit card company, PayPal, etc.), but there are numerous ways you can identify them.
Three Ways to Recognize Phishing Emails
- Look at the sender's email address.
In a phishing email, the sender's email address may be unexpected, unfamiliar, or contain an odd domain name. (The domain name appears after the @ sign in an email address, and it identifies the mail sever from which the email was sent.)
- Examine link URLs.
Links in phishing emails usually take you to fake websites that will install malware on your computer and/or ask you to enter confidential information, such as your MC user name and password.
To check where a link actually goes, hover your cursor over the link and look at the URL (i.e., the link's real web address) that appears in the pop-up box.
In a phishing email, the URL might not match the link shown in the message text or it may contain a misleading domain. (The domain defines the destination. Examples of domains are monmouthcollege.edu, microsoft.com, yahoo.com, etc.)
When examining link URLs, it's important to look at the last domain name listed because this will be the actual domain. For example, a URL that looks like https:\\microsoft.com.onlinesafety.maliciousdomain.com is going to the Malicious Domain site, not the Microsoft site. - Look for numerous spelling, grammar, and/or
punctuation errors in the message.
Phishing emails usually contain A LOT of spelling, grammar and/or punctuation errors.
As phishing emails become more sophisticated and harder to detect, it's important to trust your instincts when trying to determine whether an email is legitimate. If something just doesn't seem right, assume it's a phishing scam.
What to Do If You Receive a Phishing Email
Never click links in a phishing email or give out your MC login credentials (or other confidential information) to anyone who requests it. (No one from Monmouth College, including Information Services, will never ask you for your password or any other confidential information.)
If you receive a phishing email in your MC email, please forward it to phish.no.more@monmouthcollege.edu so that Information Services can examine it and attempt to remove it from others' mailboxes.
If you receive a phishing email in your personal email, just delete
it.