...
- Check the Sender Information:
  - Email: Look closely at the sender's email address. Often, phishers use addresses that are slightly different from legitimate ones (e.g., @cnnu.edu instead of @cnu.edu). Be wary of generic greetings like "Dear Customer" instead of your name.
  - Text/Phone: Spoofed numbers are common. Don't trust caller ID.
- Verify Through Secondary Channels:
  - If a message claims to be from someone you know (a colleague, professor, or family member), do not reply to the message directly. Instead, contact them through a known and trusted method (e.g., call them on their known phone number, email them at their official address). Do not use contact information provided in the suspicious message.
- Beware of Unexpected Attachments and Links:
  - Attachments: Never open attachments from unknown or unexpected senders. They could contain viruses, ransomware, or other malware.
  - Links: Hover your mouse over links without clicking to see the actual URL. Look for misspellings, unusual domain names, or shortened URLs (e.g., bit.ly). Never click on links in suspicious messages. Instead, type the website address directly into your browser.
  - MFA Notifications: Be extremely cautious of unexpected MFA prompts. If you didn't initiate the login, deny the request and immediately change your password on the associated account. Attackers might have obtained your username and password through other means and are trying to bypass MFA.
- Pay Attention to the Language:
  - Urgency: Phishing messages often create a sense of urgency ("Act now!", "Your account will be suspended"). This is a tactic to pressure you into acting without thinking.
  - Threats: They may threaten negative consequences if you don't comply (e.g., account closure).
  - Prizes/Rewards: Be skeptical of messages promising free prizes or rewards.
  - Grammar and Spelling: Phishing messages often contain grammatical errors and typos.
- Requests for Personal Information:
  - Never provide your password, financial information, or other sensitive data through email, text message, or phone call, especially if you didn't initiate the communication.
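The sender-address and link checks described above can also be automated. The following is an added example, not part of the original page or any CNU tooling; it assumes cnu.edu is the only trusted domain, and the sample header and URLs are constructed.

```python
from email.utils import parseaddr
from urllib.parse import urlsplit

TRUSTED = "cnu.edu"          # legitimate domain named on the page
SHORTENERS = {"bit.ly"}      # the page's example; a real list is longer (assumption)

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance using a single rolling row."""
    row = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        prev, row[0] = row[0], i
        for j, cb in enumerate(b, 1):
            prev, row[j] = row[j], min(row[j] + 1, row[j - 1] + 1, prev + (ca != cb))
    return row[-1]

def classify_domain(domain: str, max_dist: int = 1) -> str:
    """Return 'trusted', 'lookalike' or 'external' for a host or mail domain."""
    d = domain.lower().rstrip(".")
    if d == TRUSTED or d.endswith("." + TRUSTED):
        return "trusted"
    tail = ".".join(d.split(".")[-2:])       # last two labels, enough for .edu names
    # Near miss (cnnu.edu) or the trusted name buried in another domain.
    # Short names have legitimate neighbours, so this is a review flag, not a verdict.
    if edit_distance(tail, TRUSTED) <= max_dist or TRUSTED in d:
        return "lookalike"
    return "external"

def triage(from_header: str, urls: list[str]) -> list[str]:
    """List the sender and link warning signs found in one message."""
    findings = []
    sender = parseaddr(from_header)[1].rpartition("@")[2]
    if classify_domain(sender) == "lookalike":
        findings.append(f"sender domain {sender} resembles {TRUSTED}")
    for url in urls:
        host = (urlsplit(url).hostname or "").lower()
        if host in SHORTENERS:
            findings.append(f"shortened link hides its destination: {host}")
        elif classify_domain(host) == "lookalike":
            findings.append(f"link host {host} resembles {TRUSTED}")
    return findings

# Constructed sample message fields (not taken from a real email).
SAMPLE_FROM = '"CNU Helpdesk" <helpdesk@cnnu.edu>'
SAMPLE_URLS = ["https://bit.ly/placeholder",
               "https://login.cnu.edu.example.net/reset",
               "https://cnu.edu/"]

if __name__ == "__main__":
    for finding in triage(SAMPLE_FROM, SAMPLE_URLS):
        print("WARN:", finding)
```

The display name ("CNU Helpdesk") is deliberately ignored: only the address domain and the link hosts are compared, because the display name is free text chosen by the sender.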
An annotated sample of a phishing email has been provided below, to highlight some common hallmarks of this tactic:
CNU Will NEVER:
...
- Do Not Interact: Do not click links, open attachments, or reply to the message.
- Report It: Screenshot the message and forward it to us via the Helpdesk. Vigilant users can help us by serving as an early warning system against widespread attacks on campus.
- Eliminate It:
  - Email: Mark the message as spam or phishing in your email client and delete it.
  - Text: Block the sender's number.
...