Phishing is an email fraud method in which a criminal sends a sophisticated email appearing to come from a reputable business or organization, such as Temple University, including fraudulent links seeking to obtain your personal information and passwords.
Temple will never ask you for your password, or any personal information, via email.
If you receive a suspicious email, forward it to firstname.lastname@example.org. Do not respond to the message. You can also check systemstatus.temple.edu to check if a phishing attack has already been reported by a cautious Owl such as yourself.
Table of Contents
Phishing scams are sophisticated messages, typically emails, that appear to come from legitimate organizations (i.e. the university, your bank, Amazon, etc.), which are attempting to obtain your personal information (i.e. your password, account number, credit card, etc.). The message may ask you to respond with your personal information or include a link to a fraudulent website. Often, the message conveys a sense of urgency to scare you into responding immediately.
If you receive a suspicious email and are uncertain of it's validity, please forward it to email@example.com. Do not respond to the message or provide any information until you confirm the legitimacy of the message.
- Are they requesting personal information? Red flag! Trustworthy companies and organizations will never ask you for your password, social security number or any personal information via email.
- Does it sound too good to be true? Unexpected messages that offer money, fame, valuable gifts or anything that seems too ridiculous to be real, are better left alone. If you're uncertain, forward the message to firstname.lastname@example.org to have it checked and validated before responding.
- Is there a sense of urgency? Scammers use threats and urgency to scare you into acting immediately. If you are concerned, always contact the organization directly whether by phone or online. Never reply to a suspicious email.
- Who is the email from? Hover your mouse over the name of the sender in the From column to reveal email address of the sender. While it may appear to come from a person, business or organization you recognize, the email address ending may appear to be suspicious.
- Are there spelling and/or grammar mistakes? While messages are becoming more sophisticated, often scammers misspell words.
- Are the hyperlinks within the email legitimate? Hover your mouse over hyperlinks to reveal the URL. Often the hyperlink will lead to a fraudulent site. To be safe, visit websites directly by opening a new window and typing the URL.
- Plain text? Logos? Email from a companies and organizations that you trust generally include the company's official logo. Often, scams are plain text.
Please visit the Additional Resources section to learn more about how to recognize a phishing scam.
Also, remember you can always check systemstatus.temple.edu, where reported scams will be posted.
Example of a phishing attempt sent to members of the Temple University community in May 2015:
Example of a phishing attempt made to appear to originate from Staples.com:
In this example, the "Track Order" link does not direct you to staples.com. You can hover over a hyperlink to reveal the URL, which will appear in the bottom left corner of the screen. To be safe, rather than clicking on links that may be fraudulent, visit websites directly by opening a new window and typing the URL.
Similar to trying to obtain your personal information through a phishing email, a criminal may also resort to other means of communication such as in-person visits, phone calls, pop-up messages on your computer, or text messages to manipulate or trick you into disclosing personal or confidential information in order to conduct fraud, gain system access or gather personal information about you or others at Temple University. Be mindful of these other scams and when in doubt, follow the steps below to report or check the authenticity/validity of the communication you received.
See something? Say something!
We learn about phishing attempts from you and then take action to inform and protect the Temple University community. Please report any suspicious emails to email@example.com. We appreciate your help!
- Microsoft - "How to recognize phishing email messages, links, or phone calls"
- Google - "Unwanted or suspicious mail"
- Apple - "Identifying fraudulent 'phishing' email"
- Yahoo - "How can I recognize a phishing email?"
- PayPal - "Your Guide to Phishing"
- Amazon - "This E-mail from Amazon?"
- Wired - "Identify a Phishing Scam"
- FBI - "Spear Phishers"
- StaySafeOnline.org - "Spam and Phishing"