Phishing Awareness

Tools to help you determine whether an email is authentic or designed to trick you


What is phishing?

Phishing is a form of cyber attack in which criminals use social engineering to trick you by sending fake emails that appear to be from a trusted source, such as an administrator or supervisor, local business, or coworker.

Common tactics include making threats ("If you do not act now, you will lose access to your account!") or asking you to confirm personal information ("Click here to log in and confirm your account"). Sometimes phishing emails include attachments that can infect your computer with a virus or malware if you open them.

A sophisticated attack might take you to a website that looks just like your bank's website, but is actually a fake site designed to collect your login information.


Why would anybody want to target me?

You're right, cyber criminals probably aren't interested in your lesson plans or teaching materials, but you are still a target.

Attackers want to trick you into divulging personal information so they can get access to your files or emails, or even your bank account. Your files and emails might even contain some personal information about students or other employees, meaning that if you fall victim to an attack, you could put others at risk for identity theft and fraud.


How can I determine if an email is authentic or phishy?

Here are five warning signs of suspicious email that you should learn to recognize:

  • The email asks you to confirm or provide personal information
  • The email address is not familiar, or does not look genuine
  • The message contains poor grammar or spelling
  • There is an attachment that you weren't expecting to receive
  • The message contains threats that make you panic

If a message seems suspicious, don't click on the links, open attachments, or reply, just hit delete! If you're suspicious, but also concerned that it might be genuine, consult with a colleague or someone in the IT department.