Phishing FAQs

Body

Overview

Phishing is a kind of cyber attack that uses email or messaging services to trick you into taking action, such as opening an infected email attachment or clicking on a malicious link. The name comes from a similarity to the sport of fishing. Cyber attackers don't know who will fall victim, but they do know the more phishing emails the send, the more "fish" they will catch.

 

FAQs

Why is it called phishing?

In a phishing attack, cyber attackers put out "fishing bait" for you in the form of an electronic message. Like a good lure, it is crafted to look authentic - often appearing to come from a trusted source or playing on your emotions, such as a sense of urgency or curiosity.  Attackers don't know much about your personally, so they choose a particular "bait" they think people will go for, such as a message from a popular service or brand of credit card.

 

What's the difference between phishing and spam?

Phishing

Phishing email messages have criminal intent to get you to do something against your best interest or to harm F&M. It usually has one or more of these identifying factors:

  • Appears to come from a reputable source, including spoofing another F&M account
  • Has a tone of urgency -- to take action quickly, like clicking a link or opening an attachment
  • Requests additional personal or organizational information
  • Involves a financial transaction of any kind, or includes an immediate reward or gift
  • Presents a problem with an immediate solution, like an account being past due with a penalty that will be waived if you take action immediately
  • Appears too good to be true

Report suspected phishing email messages by clicking the Phish Alert button in the right hand sidebar. (Resembles an orange fish hook.)

Orange fish hook

Spam

Spam is unsolicited, unwanted, annoying email that is typically sent for marketing purposes or to try to sell you something. Spam is often misleading, but rarely malicious. Report spam in the Gmail web interface by clicking the Report Spam button -- an exclamation mark within an octagon.

Octagon with an exclamation point

 

How can I avoid getting caught?

  • Don't be in a hurry to click every link, text, and attachment.
  • Be skeptical of messages that look suspicious or seem odd.
  • Look for clues that suggest an extreme sense of urgency, play on your emotions, request sensitive information, or have peculiar language.

 

What do I do if I suspect I received a phishing email?

If you find an email that looks suspiciously like phishing, open the email in your Inbox. Look to the far right-hand side of your GMail screen to locate an orange "fish hook." Click the fish hook icon. This will open a KnowBe4 Inc box. Click Phish Alert and it will forward the email to our security team who will investigate the email further. Do not open any attachments or forward to anyone else. Delete the email.  And take no further action unless the security team contacts you with instruction. 

Fish hook icon

 

What does the security team do with email I report as phishing?

The security team does a thorough analysis of the email to check and see if anyone else if it is a potential threat to our network, and a scan is performed to see if others at F&M received similar emails.  In the event that the email is phishing, then the email is quarantined to ensure it does not cause damage to our network.

 

Need More Help?

If you still need help, contact the Help Desk!

  • Enter a Service Request here on this page (scroll up and click Request Service) to route your request to the right expert.

  • Call the Help Desk at 717-358-6789.

  • Stop by and see us at Martin Science Library.

 

 

Details

Details

Article ID: 12324
Created
Wed 10/2/24 10:15 AM
Modified
Mon 11/4/24 3:58 PM