Recently we have seen an increase in phishing emails here at the University of Hartford. OTS would like to take a moment to remind everyone about some things to look for when you receive a possibly dangerous email.
Something’s phishy if:
The email, text, or voicemail is requesting that you update/fill in personal information. Treat any communication asking for your credentials with extra caution.
- The URL shown on the email and the URL that displays when you hover over the link are different from one another.
- The “From” address is an imitation of a legitimate address, especially from a business or co-worker.
- The formatting and design are different from what you usually receive from an organization. This could be something like the logo looking pixelated or the buttons having different colors. There could also be weird paragraph breaks or extra spaces between words. If the email appears sloppy, start making the squinty “this looks suspect” face.
- The content is badly written. Sure, there are plenty of wannabe writers working for legitimate organizations, but this email might seem particularly amateur. Are there obvious grammar errors? Is there awkward sentence structure, like perhaps it was written by a computer program? Take a closer look.
- The content presents a false sense of urgency. Look out for statements like “failure to take immediate action will lead to your account being permanently deleted!”
- The email contains attachments from unknown sources that you were not expecting. Don’t open them, plain and simple. They might contain malware that could infect your system.
Another Phishy Scenario:
A warning about increased phishing attacks with specific information about emails being received that seek to defraud members of the campus community. Based on reports received by OTS and Public Safety, the pattern has consistently been the same: the sender will appear as an individual in power, such as a supervisor or a professor. The initial contact will request help or assistance to create a false sense of urgency. Should the victim reply, the fraudster will request money be sent in the form of gift cards. This fraudster will specify the amount, the type of card, and how to include the activation code. These are NOT real requests and you should not send any money or reply to further communication.
Tips on what to look out for:
- The “from” address uses a known name but does not use a @hartford.edu email address. Instead, the actual “from” address displays a free email service. Please check the entire “from” address, not just the name listed.
- Be cautious of an unexplained or under-explained urgency.
If you see a suspicious email or believe you might be a victim of fraud, report it immediately to OTS at email@example.com or 860.768.4357; or Public Safety at firstname.lastname@example.org or 860.768.7985.