Phishing Detection and Remediation

What is phishing and what are some of the warning signs you should look for? Learn what action steps you should take when you receive a phishing email and the easiest way to report a phishing attempt on campus.

What is phishing?

Phishing is a form of fraud where a scammer attempts to have you reveal personal, financial, or confidential information by posing as a reputable entity in an electronic communication. Many scammers try to bait you by urging you to respond immediately by clicking a web link that appears official (with all the familiar logos or corporate phrases). Although most phishes come as email, phishing scams can also come in the form of text messages (SMShing) and phone calls (Vishing). Even if the request looks genuine or appears to be from someone you know, be skeptical and look for these warning signs.

Warning signs to help identify phishing attempts

  1. The message is unexpected and asks you to update, confirm, or reveal personal identity information (e.g., full Social Security Number, account numbers, NetID, passwords, protected health information).

  2. The message creates a sense of urgency.

  3. The message may include an unusual “From” address or an unusual “Reply-To” address. But be cautious: even if you recognize an email address, it could belong to a compromised account.

  4. The message includes links that don’t match the name of the organization that it allegedly represents. For example: "" could be slightly changed to read: "".

  5. The message includes grammatical errors (although scammers are getting better at this).

  6. The message is unexpected and offers an unbelievable job opportunity with great salary and perks. Yes, it's too good to be true. This is a job scam.

  7. The message impersonates a university leader or colleague. The email asks an employee to contact them for an urgent or important task. That “urgent task” is likely a request to perform an action that results in monetary loss to the employee or the university, or to reveal confidential information. Always follow university policies when you receive an unusual purchase request. This type of phishing is called a Business Email Compromise (BEC).

What should I do, or be aware of, if I receive a questionable email?

  1. If you receive an email that you weren’t expecting or one that feels unusual, contact the person, and ask if the email is real. Just don’t use any contact information that’s within the email itself. Remember: No university, bank, or company will ever ask you to verify personal information via email.

  2. Do not open attachments or click on any links until you know for a fact that this is a legitimate email.

  3. Do not forward the questionable email to others asking them if they think it is a phishing email.

  4. If there are URLs or hyperlinks, hover the cursor over them, but DO NOT click on them. Your email client will display the actual URL destination. If the URL doesn’t match the site it claims to be sending you to, do not click on it. For detailed information on this topic, please see Learn How to Recognize and Report Phishing (Source:

  5. Phishing emails can embed malicious code behind an image that will automatically download. Thus, configure your email client to NOT display any images without asking first.

  6. Relatively advanced emails can even tailor the email's content directly for the recipient.

What scams are hitting campus now?

Find out which scams are active at the Scam Alerts page (Source:

How do I report spam/phishing?

Outlook users:

To report spam/phishing emails received via Outlook, please click the “Report Suspicious” button (images shown below) in the top ribbon/toolbar, or click the ellipsis (…) to expand a drop-down menu and see the new add-in. This action will send the questionable email to the security team for review.

[Image: Report Suspicious action button] or [Image: macOS Report Suspicious button]

Non-Outlook users:

If you use a non-Microsoft supported email client (e.g., Thunderbird, Apple Mail, Android/iOS native mail, etc.) or an older version of Outlook (2007/2010/2013) you should simply forward the suspicious message to

For additional information, please refer to: Microsoft 365 - Report Suspicious message (Source: KB 45051).

If you are ever unsure whether an email message is legitimate, or what you should do with it, do not respond to it! Instead, contact the DoIT Help Desk (Source: for advice.

Keywords: phish university bank company scams suspicious suspended disabled digitally signed junk folder filter
Doc ID: 52781
Owner: Kim M.
Group: Cybersecurity
Created: 2015-06-18 15:54:51
Updated: 2024-07-09 09:20:35
Sites: Cybersecurity Operations Center, DoIT Help Desk, Microsoft 365, Office of Cybersecurity