How to Identify Phishing Emails and Protect Your Passwords

Phishing emails are deceptive messages that often appear to be from trusted sources like colleagues, vendors, or even legitimate companies. These emails attempt to trick you into revealing sensitive information, such as your login credentials or personal details. Common signs of phishing emails include suspicious sender addresses, offers that are 'too good to be true', urgent or threatening language, unexpected attachments or links, and requests for sensitive information like passwords or account numbers. Some malicious links or attachments can even harvest your credentials by simply clicking them, and may never ask you to input your credentials. Staying vigilant and avoiding clicking on suspicious links or attachments is essential in today's world.

To avoid falling victim to phishing attempts, always take a moment to carefully inspect any email that asks you to click on a link or download an attachment, especially if it seems out of the ordinary or urgent. Hover over links to verify their true destination before clicking and avoid opening attachments from unknown or unexpected sources. If an email claims to be from a trusted organization but looks suspicious, it’s always a good idea to contact the sender directly using known contact details to verify the request. Never send a reply to a phishing, spam, or suspicious email, and never enter your password or other personal information in response to an unsolicited email. Additionally, remember that legitimate companies will never ask you to share your password or personal information over email.

Finally, remember that your password is a crucial line of defense. Never share your password via email or over the phone, even if the request seems to come from a trusted person. If you're unsure whether an email is legitimate, you have three methods to report the message to EMU IT.

1. Forward the message to helpdesk@emu.edu

2. If you suspect the message to be Spam, click the ellipse on the message, and choose  Report Spam.

3. If you suspect the message to be a Phishing attempt, click the ellipse on the message, and choose Report Phishing