If you think you might have responded to a phishing scam with your MSU username, password, or any other sensitive personally identifiable information, immediately change your password and notify the UIT ServiceDesk at 994-1777.

 

Phishing refers to phone or email scams made by fraudulent parties, that attempt to trick you into divulging personal information such as

  • Usernames
  • Passwords
  • Credit card numbers
  • Bank account information. 

Phishing emails will use scare tactics, urgent requests and attachments to trick you. 

If you are asked in an email to open an attachment or click on a link, assume it is phishing. 

They claim and are made to look like they are from organizations with whom you have a legitimate business relationship.   

Phishing attacks can come in the form of a phone call or email message. 

See examples by clicking here

What if it is just JUNK or SPAM?

Refer to the Spam/Junk email & Quarantined Emails page here.

How do I avoid phishing scams?

  • Be suspicious of ANY email that asks you to provide personal information by replying to the message or clicking a link.
  • Be suspicious if:
    • The sender is unknown (and be aware that the scammers can make the email to appear to be from a trusted source)
    • The email is not expected
    • Anything seems out of the ordinary, like format, grammar or reply-to address.
  • Remember that neither MSU nor any reputable company will EVER ask for a username or password vial email.
  • When in doubt, ask for help before you act.  Contact the UIT Service Desk at 406-994-1777 and ask them to take a look or contact the company who purportedly sent the message as you would normally to verify the message's content. 

I received a phishing email. Now what?

If you are confident the email is phishing ...Use the Outlook Report Button

  • The Outlok Button allows you to report a phishing email via your Outlook desktop applicationOutlook on the web or Outlook mobile application.

  • This is the easiest and fastest way for your to report Phishing!

  • Using the Report Button will empower University Information Technology to review the email and take immediate action.

  • We ask you to report phishing emails using the Outlook Report button. 

  • Once you report a Phishing email using the Outlook Report button, the process will automatically move the email into your deleted items. 

  • The Outlook Report button will not appear in third party mail applications.

  • We recommend that all students and staff utilize the Outlook mail application or Outlook on the web. 

Without opening email:

  • If you can identify that the email is Phishing, without opening it, you can report it using this process. 
    1. Right Click on the row of the Phishing email. 
    2. Look for the work REPORT with a Shield to its left. 
    3. Click on this and report it as Phishing.

Outlook screenahot indicating the report button

  1. In the top left corner, you will see the Red Shield withthe word Report.
  2. Click on the downward chevron
  3. click on "Report Phishing"

Phishing report button inside Outlook email

Without Opening Email

  • If you can identify that the email is Phishing, without opening it, you can report it using this process. 
    1. Right Click on the row of the Phishing email. 
    2. Look for the work REPORT with a Shield to its left. 
    3. Click on this and report it as Phishing.

Outlook email for installed Outlook app on PC report button

Email Is Opened /  Inside the Email

  1. Click on the email message you would like to report.
  2. Click the Outlook Report button, in the top left corner of the email you want to report.Alert button in email in Outlook app
  3. You will receieve a pop-up windown with the message  "Phishing messages are designed to obtain your personal information by impersonating popular brands or including malicious links in the body of a message."Outlook report method pop-up screen
  4. Click the Outlook Report button, to report the message
  5. You will then see a banner appear in the top of the email that you report 

  6. Outlook phishing report completion banner

Without Opening Email

  • If you can identify that the email is Phishing, without opening it, you can report it using this process. 
    1. Right Click on the row of the Phishing email. 
    2. Look for the work REPORT with a Shield to its left. 
    3. Click on this and report it as Phishing.

Outlook for Mac inside email report button

Email Is Opened /  Inside the Email

  1. Open your Outlook application.
  2. Click on the email message you would like to report.
  3. Click the Phish Alert Report button, in the top right corner of the email you want to report.Outlook for Mac report button location
  4. You will receive a pop-up window with the message  "Phishing messages are designed to obtain your personal information by impersonating popular brands or including malicious links in the body of a message."
  5. Click the blue Report Button, to report the messageOutlook phishing button pop-up

 

 

If you are not sure if the email is phishing, and have questions about its legitimacy, forward the email to [email protected].

More information

Visit Stay Safe Online's Spam and Phishing section for more information on how to stay safe online and protect your personal information.