What is Phishing?
Phishing scams are used by fraudsters and try to trick you into divulging your personal information such as usernames, passwords, credit card numbers or bank account information, or to trick you into clicking on malicious links. They often come in the form of emails and can appear to be from organizations with whom you have a legitimate business relationship.
How do I know if an email is legitimate?
Unfortunately it can be difficult if not impossible to know for sure if an email is legitimate simply by looking at it. Any emails requesting that you send them personal or account information such as a password is almost certainly a scam. No legitimate organization would request personal information through email, nor would any legitimate business ever ask you to provide your username and password over email. If there is any question about whether or not the email is legitimate you should contact the organization that appears to have sent the email.
If you ever receive an email claiming to be from MSU that asks you for your username and password, you should delete it immediately. If you receive an email from MSU that you weren't expecting and it asks you to open an email attachment or click on a URL, you should confirm that it is legitimate even if you know the individual that appears to have sent it .
What should I do if I receive an email that might be legitimate?
If you receive an email that you believe may be legitimate and you might need to act on, the only way to be sure you are not being taken advantage of is to close the email, ignoring all links, attachments or phone numbers included, and open your web browser to navigate to the website you know belongs to the organization and log in that way or call the phone number you know is theirs to speak with somebody. If you receive an email from MSU and you are not sure if it is legitimate, you can always contact the MSU Helpdesk at 994-1777 or email@example.com and they will be able to help confirm whether it is a valid email or not.
What should I do if I receive a spam or phishing email?
If you receive a message that you know is phishing or spam, do not click on any links and delete it. If you wish to assist us with improving our filtering, please forward the message to firstname.lastname@example.org along with the complete header. In Outlook, the complete header is viewable and can be copied from the "Options" tab - be sure to contact the Help Desk for assistance with obtaining message headers from your particular email client.
Gmail userscan perform the following steps to alert Google.
To report spam (an unsolicited junk email message)
Select the suspected message, then click the Report spam icon located in the tool bar above the message (see red arrow).
To report phishing
- Click the down arrow located in the top right corner of message (see arrow 1).
- Click the Report phishing link (see arrow 2).
- Click the Report Phishing Message button.
Help us prevent spam
Send the header information of suspected email messages to email@example.com.
To gather the header information
- Click the down arrow (as shown in step 1 above).
- Click the Show Original link.
In the window that opens copy all of the information that comes before the message text (down to the dotted lines that divide the sections). Paste this info into an email and send it to firstname.lastname@example.org. This will help us prevent other users from receiving similar emails.