Body
Overview
Phishing refers to someone who sends an e-mail to you, claiming to be someone they are not to trick you into divulging personal or confidential information.
Often those who send phishing emails pretend to be someone from a legitimate organization or have another compromised an account of someone you might know from your organization. Information sought by the scammer ranges from a password or credit card number to personally identifiable information or bank account numbers of scam recipient(s).
Instructions
Two common tactics that scammers use are 1) offers that are too good to be true or 2) evoke a sense of urgency. An example of the former would be receiving a job offer claiming a company will pay you $1,000/week for a part-time job. This kind of offer is just too good to be true. The latter could be an email to update your account immediately to prevent it from being shut down with a link leading you to divulge account information.
No legitimate company would ask you to change your passwords or update your account information with a link in an e-mail. Purdue IT will never ask for your credentials in an email or ask you to click a link to update your account. The best security practice is to never click on the link or call the phone number provided in the e-mail, unless absolutely necessary. It is better to be too cautious or vigilant when using your email. To check the authenticity of the message, you should:
- Hover over links in emails to see where it is trying to take you
- Visit the company's website directly, instead of clicking the link
- Call the company and follow up on the email
- Copy and paste links in emails when using your mobile, instead of clicking the link
- Check for spelling/grammar mistakes within the email
- Ask other colleagues if they also received the suspect email
Phishing attempts to your Purdue University career account can be reported or forwarded to abuse@purdue.edu, or by using the Report Message button inside Outlook.
Phishing schemes are not only limited to e-mails but may be carried out by phone calls, social media DMs, Teams chats, text messages, pop0up windows or even by another instant messaging application. Phishing e-mails are becoming more sophisticated and appear legitimate by using company logos and names of companies that you know or trust. Some popular phishing schemes imitate websites such as PayPal, Amazon, Microsoft Outlook, credit card companies, large banks or even Purdue’s login page.
Compromised Accounts
Compromised accounts also play a role in many phishing emails, in which a scammer gains access to a Purdue or vendor account and uses the previously established trust of the domain. Just because an email comes from a “purdue.edu” email address, does not make it safe.
Collaboration tools such as SharePoint, Google Drive, and Dropbox are also often used by scammers with a compromised account as they are typically considered trustworthy. Rather than clicking links, you can typically navigate to their portal and preview the document. Be wary of generically named documents being shared with you via email such as “Document 1”, “PURDUE INVOICE”, or “PASSWORD NOTICE”. Good questions to ask yourself when receiving collaboration files via email are
- “Am I expecting this file?”
- “Why does this document contents just have a single link to click?”
- “Why is a random Purdue student asking me to change my password via this Google Form?”
- “Why do I have to sign in again to view this document?”
To report a compromised PWL, PNW, or PFW account please contact Purdue IT Security Team via abuse@purdue.edu.
Troubleshooting