How can I tell if an email is real/legitimate/safe? Is it phishing/spam? What should I do?


If you receive an email that looks suspicious, consider the following:

1. Don't trust the sender display name. Check the "from" email address. Does it look like it matches the sender display name? If something seems off, trust your instincts and delete the message.

2. Look - but don't click. If there are any words with links, you can hover your mouse over them in order to view the full link embedded in the message. If it's untrustworthy or the link has been shortened somehow (bitly.com is commonly used in phishing attacks for this purpose), do not click the link. Just the simple act of clicking a link can infect your device with malware and compromise your account.

3. Check for typos or grammar mistakes. Typos, especially multiple instances in one message, are becoming less common but still can give away a phishing attempt.

4. Analyze the "from" email address. In an attempt to make tip #1 less effective, scammers will often spoof email addresses of trusted organizations. Look for typos, oddly placed characters, and unusual word combinations in the "from" email address.

5. Analyze the greeting. Is it a generalized greeting, or a properly customized greeting with your name?

6. Analyze the signature. Do you know the sender? Can you verify outside of this message that they've sent it to you?

7. Don't share any personal information. Legitimate organizations will never ask for personal credentials or information via email.

8. Beware of urgent or threatening language in the subject or message. If a package is being held, an account has been suspended, or you won't believe the embarrassing photo of you, this may be a phishing attempt.

9. Don't open attachments. Attachments can include malware and viruses which infect your computer once opened, stealing your passwords or other information or spying on your online activity without your knowledge. Never open email attachments you weren't expecting.

10. Trust your instincts. If something doesn't feel quite right, it probably isn't. If the message is purporting to be from a known/trusted source, follow up with that individual or organization by phone or other means outside of the suspicious message.
 

When a Butler user’s account is compromised, scammers use their Butler email address to send out phishing attempts. For this reason, some of the phishing attempts circulating campus do come from legitimate Butler email addresses. Therefore, don’t rely on the sender’s email address being legitimate alone to determine whether a message is safe.

When Butler IT knows about a phishing attempt circulating campus, we will post information about it on our status page. To access the status page, go to ask.butler.edu and click on the Status widget. On the Alerts page, you will see information about any phishing attempts circulating campus. If no information is posted and you are unsure about an email, contact the IT Help Desk for assistance before you open attachments or click on links. 


If you determine that an email you have received is a scam and you have not clicked on links or opened attachments, report the email to the IT Security Team following these instructions:

However, attackers sometimes get crafty, and it may be hard to tell whether a message is legitimate. In these cases, and especially if you or someone you know at Butler is being used in a targeted, crafty campaign, please report the email to IT following these instructions: How to Report a Suspicious/Phishing Email


For more information about phishing, visit www.butler.edu/it/phishing and www.butler.edu/it/safe. If you have questions or concerns, contact the IT Help Desk.
