Here are some helpful tips on identifying phishing emails:
Check the URL before clicking on a link. In VandalMail, you can hover your mouse over a link before clicking on it to reveal its destination address. On your mobile device, press and hold on the link to reveal its URL. Is the address different than what you expected? Is it garbled or incoherent? It might be a fake.
Make sure the sender is someone you know and trust. Also, who else was it sent to? If you don’t recognize the other recipients, you and the others listed may have been the target of a mass phishing attack. Cybercriminals often attempt to mass phish users in hope that some will bite.
Don’t click unexpected links or open unexpected attachments. Be wary of attachments that have strange filenames and extensions. FunnyCatPhotos.exe is tempting, but not at all what you think it is. If you are unsure about an attachment, make sure to scan it with an anti-virus program before opening.
Only use your UI password on uidaho.edu sites. Your NetID is used to authenticate with UI service portals, but not anywhere else. Before you enter your password, check the URL, and make sure that the page is using SSL encryption.
Check your online accounts and banking regularly to be sure no unauthorized transactions have occurred.
What if I have already responded to a phishing attempt?
Unsure about a website or email? Contact the Help Desk for confirmation. If you have received a phishing email, help us improve our filters by reporting it to email@example.com.
If you respond to a phishing email with your password, change it immediately, and notify ITS Security at firstname.lastname@example.org. ITS will work with you to re-enable your account.