Top

Articles in this section

See more

Phishing Emails or Malicious Emails

Avatar
Ted Kocher
Updated
Follow

Audience: All Franklin University users with University Office365 email accounts. 
Disclaimer: The results and functionality of the following article only apply to the audience listed above. 

  

For best practices, please see the following video (staff or faculty log-in required to view): Click Here

Phishing or Malicious Emails

 

Definition: Phishing is a fraudulent attempt to gather personal information such as passwords, identity information, or financial information. For recent examples: Click Here

 

Action Item 1. Determine if it is a phishing email using the section below entitled "How to Detect Phishing Emails or Malicious Emails." If the email is a phishing email, please follow the other 3 action items below.

  • Remember, don't click on any links or enter any personal information unless you determine an email is completely legit. Use the criteria in sections of this article below to determine if the email is legit.

Action Item 2. Reset your password: If you have entered any personal information as a result of the email, or clicked on links in a malicious email, best practice is to promptly change your University password. Password credentials are the most common thing hackers are trying to access from you. 

          password.franklin.edu

         

Action Item 3. Forward the email to the Help Desk as an attachment, so that we can investigate. If you have already forwarded a copy of the email, thank you for your prompt action! 

Instructions to forward an email as an attachment: Start a new email to helpdesk@franklin.edu > drag the phishing email into the body of the new email > Send. 

              **There is an image at the bottom of this document showing the process**

Action Item 4. Mark the email as Junk: 

junk.png          

 

     

How to Detect Phishing Emails or Malicious Emails

For recent examples: Click Here

  • Faculty and Staff: Watch for banners that indicate if the email arrived from outside of the Franklin organization. Click Here for more information.
  • Phishing emails often contain urgent or threatening language. In some cases users are told they will be exposed, lose account access, saved data, money, reputation, or more. 
  • Be very wary of QR codes within emails.
  • Move your mouse over links in emails and it may show a different address than the one displayed.
  • Phishing emails often have generic greetings and signatures such as "Dear User" and "Sincerely, IT Helpdesk," etc.
  • Don't respond to emails that appear to be official, but come from un-official email addresses.
    • Faculty and Staff: See the following link: Click Here
  • Be wary of anything that gives a sense of urgency, or states that it requires immediate action
  • Be wary of too-good-to-be-true offers such as free airline tickets or vacation
  • Be wary of SMS messages that says it is from "5000" or some other number that is not a cell number. Scammers often mask their identity by using email-to-text services to avoid revealing their actual phone number

Please note that Franklin University will NEVER ask for your password through e-mail, so be wary of anything that says otherwise.

 

Detect Phishing Websites

  • Check for slight misspellings - in the URL, company name, etc. For example, paypa1.com instead of paypal.com
  • Check that you are on a legit website - Just because the word "Franklin" is in the web address doesn't mean that it is a legitimate website.
  • Be wary of pop-ups - Some phishing sites may take you to a legitimate website, but then prompt you for your username and password.
  • Use additional software - Many browsers have add-ons/extensions/plug-ins that can help detect phishing sites.

 

Best Practices

  • Please note that Franklin University will NEVER ask for your password through e-mail, so be wary of anything that says otherwise.
  • Don't use easily guessable passwords.
  • Don't use the same password for all websites and applications. 
  • Don’t enter sensitive or personal information on unsolicited websites or popup windows.
  • Go to links yourself, rather than clicking on links in emails
  • Don't click anywhere in suspicious e-mails—even in what may appear to be white space. Moving an email to the Junk folder can expose links hidden within an email. 
  • Don’t open attachments in unexpected or suspicious e-mails or instant messages.
  • Don’t send passwords, bank account numbers, or other private information in an email.
  • Don't accept social media friend requests from people you don't know
  • Don’t provide identity information, including credit card numbers, when you receive an unsolicited e-mail or phone call.
  • Look for 'https://' and a lock icon in the address bar before entering any private information on a website 
  • Install and regularly update an anti-virus program that can scan email.
  • If an email from a friend or colleague looks suspicious, call them and ask if the email is legitimate
    • Faculty and Staff: See the following link: Click Here
  • Call your financial institutions directly using the number found on the back of your credit/debit card or your monthly statement
  • If a person is requesting for personal information from an unrecognized number, ask for a case number and then call back through the main number.
  • Never use your University credentials (username/password) to login to other non-University websites
  • Never respond to a request for your password sent by e-mail, even if the request appears legitimate.
  • When in doubt about an email, contact the Help Desk.

 

Helpful Links:

http://www.phishing.org/what-is-phishing

https://www.microsoft.com/en-us/wdsi/threats/support-scams

https://www.consumer.ftc.gov/articles/0003-phishing

 

Drag.gif

 

 

 

Wish to log a request with the Help Desk? Use your Franklin University username and password to login: Log A Request

Was this article helpful?
1 out of 1 found this helpful
Return to top

Comments

0 comments

Article is closed for comments.