Phishing

Information about what phishing is and who to contact if you believe you might have received a phishing message.

If you have been phished, please forward the email to abuse@msu.edu specifying you have been phished and immediately change your NetID password and any other passwords you believe may have been compromised.

 

If you need immediate assistance, please contact the ANR Service Desk or MSU IT Support.

 


 

What is phishing?

Phishing is a scam that is particular to the internet in which you receive a message that pretends to be something that it's not in order to get you to do something that you wouldn't normally be willing to do.

In the workplace, these messages are often in the form of an email, but they can also show up on social media including direct messages on places like Facebook, Twitter, Instagram, and more.

These types of attempts often try to trick you into clicking on a link within the message that is false, opening an attachment that can lock your computer, or responding with personal information such as to messages claiming you have won a giveaway/prize.

Another type of phishing, called spearphishing, is a message that is targeted toward a specific individual, especially those who assist higher level administrators. These messages can appear to be from someone you know personally asking you to send money to someone else, change passwords, etc. These types of phishing messages can be harder to detect and are often more damaging due to the type of access they can provide if successful.
 

How can I determine if an email is phishing?

  1. Remember what typical emails look like.
    • Would you expect this type of email to have typos?
    • Would you expect this type of email to use this font?
    • Would you expect this type of email to ask you to click a link or attachment?
    • Would you expect the person sending this email to communicate this way?
    • Would you expect the person sending this email to ask you for this?
  2. Think "maybe phishing?" when you notice something is not right.
    • Would phishing potentially explain the unusual things you are noticing?
  3. Ask for help.
    • Contact the sender by a different method such as a phone call to ask if they really sent the suspicious message. It is important to avoid contacting the sender by the method you believe may be compromised as the scammer may still have access to that communication method and respond to you.
    • Ask the ANR IT Service Desk or MSU IT Support for assistance.
       

How can I find more information about phishing?

Visit the MSU IT Phishing Website for more information on how to recognize if an MSU email is actually a phishing attempt and what to do if you receive a phishing email.

 

Did you find this article useful?