Phishing is bad. Phishing steals identities. Phishing wrecks lives.

If there is just one message that you can take away from this complicated topic, it is this: Phishing is bad. Phishing steals identities. Phishing wrecks lives.

What is Phishing?

Phishing is a technological attempt to steal your personal information, usually through email. Sometimes, the message simply asks you to provide your personal information through some ruse.  A phishing email might also contain attachments that, when opened, install malicious software on your computer.

Spear Phishing is a special attempt to gain unauthorized access to confidential data by targeting a specific organization or person.  A spear phishing email appears to be from someone or some company that you know. The spear phisher is familiar with your name, email and knows a little about you usually through social media, using that to win your confidence and cooperation.

What are the negative effects of phishing? 

When your Kenyon account is compromised, your personal and private information is vulnerable along with any documents or information shared between you and others. A compromised account also extends the risk beyond you and to the community. An account that has been compromised can be used to gain information on others and can be used to send emails with the goal of obtaining the account details of more accounts.

How can I protect myself?

Learn how to recognize a phish.  Phishing emails usually appear to come from a well-known organization and ask for your personal information.  Either directly in the email body, or linking out to another website, a phishing email could be asking for your username, password, credit card number, social security number, and much more. 

Think you can spot a phish? 

Take a quiz below! Can you tell the difference between a legitimate email and a phishing scam?

Remember:

Kenyon will NEVER ask you for any login credentials, especially not passwords!

Things to look for:

  • Requested personal information
  • Generic greetings or company spoofing
    • Dear Bank User, From Bank - Main Branch
    • Dear Facebook User, From Facebook Research Team
    • Dear Kenyon Employee, From Kenyon IT Department
  • Bad email addresses
    • Always mouse over the from address to make sure it is legitimate
  • Forged Links
    • Always mouse over any link in the email to see if the address matches the link that was typed in the message
    • Look to see if the link starts with an https and not http
    • Do not click on the link if you are unsure
  • Oddly named attachments
    • Do not download if you are unsure
  • Sense of urgency or threats
    • Within 48 hours… or your account will be locked
  • Bad Spelling
  • Poor formatting

Some Examples:

Image showing notification for phishing scams.

Image showing what to notice to identify a phishing email.

Want to learn more?

Read about phishing in the newsFurther protect yourself by considering Two Factor Authentication (2FA). See this page for additional information. If you have any questions about phishing or 2-step verification, please visit us at Helpline in the Chalmers Library.

References