Cybersecurity Awareness: Phishing

Recognize and Report Phishing

Phishing is when a cybercriminal poses as a person, company, or organization in hopes of getting individuals to engage with malicious content or links. It remains one of the most common tactics among cybercriminals today. Phishing is an attack to steal usernames, passwords, credit card information, Social Security numbers, and other sensitive data.

Phishing is most often seen as malicious emails or texts pretending to be from credible sources. Here are some ways to protect yourself from these scams.

1. Think before you click

Phishing emails and text messages often tell a compelling story to trick you into clicking on a link or opening an attachment. Look for misspellings and poor grammar in emails. These are red flags for phishing scams. When in doubt, do not click.

2. Check the sources before clicking on them

Hover the cursor over a link in a message to see the web address. If it differs from the URL in the message, it will likely be a phishing scam. Retype the website address into the browser instead of clicking the link in the email. DO NOT copy and paste it. 

3. Be careful with your personal information

Avoid providing personal information to unknown people or websites. If a person, department, or organization unexpectedly asks you for personal information, contact the entity by phone to verify the request is legit before acting.

4. Check your statements constantly

Review account statements regularly to ensure all charges to credit cards and payment apps are legitimate. Report unauthorized activity immediately

5. Report a Phishing Incident

If you think you have been the target of a phishing campaign, report the incident to the Information Security Team.

Visit the Cybersecurity Awareness page for more ways to make our digital community safer.