Dear Faculty, Staff, and Students,

This week the focus of National Cybersecurity Awareness Month is phishing scams.

Each year, higher education organizations, including MSU, fall victim to phishing attacks. The goal of most attacks is to get a user to divulge personal or financial information or to gain access to the victim's computer. Universities are often targeted because of their open environments and easy-to-access email addresses.

Phishing scams generally come in one of the following forms:

  • Email
  • Phone calls
  • Web popups that direct you to call “technical support”

In all forms of phishing, the attacker claims to be, and often appears to be a person or organization you trust and with whom you do business.

Follow the basic guidelines below to protect yourself and MSU from phishing attacks.

  • Never click on links or files that look suspicious.
  • Report “phishy” emails to phishing@montana.edu.
  • Never call phone numbers on unsolicited popups.
  • Remember that legitimate institutions will never ask you for your username and password.
  • Be on the lookout for typos, poor grammar, or styles inconsistent with messages you usually receive.
  • Never give out information over the phone if you did not initiate the call or if you don’t know the caller.
  • Be wary of links emailed or texted from unknown or unverified senders. If you weren’t expecting the email, browse to the website that belongs to the organization on your own to avoid being directed to a fraudulent site.
  • If you think that you may have responded to a phishing scam or clicked on a “phishy” link, please contact the ITC Service Desk.

For more information about phishing and tips to spot an attack, please visit http://www.montana.edu/itcenter/ncsam.

Sincerely,

The Information Technology Center

ITC Service Desk
helpdesk@montana.edu | 406 994.1777
Renne Library Commons