Two Rules for Avoiding Phishing Emails

Mar 3, 2021

Home » Security » Two Rules for Avoiding Phishing Emails

Google says your passwords are compromised. The dean needs to see you ‘urgentlee’. Your bank says you’ve been assessed a seemingly random $200 fee.

None of these alerts are real events, but rather examples of phishing emails in which criminals try to get you to click links or share private information.

You’re probably familiar with the term “phishing” by now, and maybe you’ve even reported a few questionable emails yourself. Yet, it seems so counterintuitive – here’s a whole world of technology built around the idea of clicking links, and here is the tiny voice of your security awareness trainers trying to convince you not to click.

Two rules to keep in mind:

  1. Know your sender: The ‘display name’ should match the email address the message has been sent from.
  2. Know your content: The URL from links and other content redirects should match the address of the company it claims to be from.

The best way to research the links is to hover your cursor over them without clicking. If the email says it’s from the Dean of Students but the link goes to a server in Belarus, report it instead of clicking.

And, while it may be easy to remember the two rules, becoming a true anti-phisher-person requires your time and attention daily. It’s best if you can structure your digital life so that you only review emails when you can truly focus and are not distracted. That way, you’re more likely to bring your powers of observation online before you automatically click a phish.

If an email says it’s from an office at Northeastern, but you think it might be a phish, call that office or the ITS Service Desk (see below) to confirm before you respond. Remember that Northeastern Information Technology Services will never ask for your password or password hints in an email.

What if I get a suspicious email?

Contact the ITS Service Desk (617-373-4357) or open a live chat. You can also forward the email to Outlook users: Use the Report button to let Northeastern know about a suspect message.

What if I accidentally responded?

If you responded to a phishing email with your myNortheastern username and password, please contact the ITS Service Desk (617-373-4357) immediately or open a live chat.

If you have responded to a phishing email with your financial or credit card information, please contact the issuing bank or credit card company for assistance as quickly as possible.

Read More Articles

Tech Updates

Student Tech Update 4/6/21: 5-day loans of laptops and other equipment, and student experience focus groups next week

In this edition, based on students' feedback IT Services has expanded its services in Snell Library to support laptop loans for up to five days. Find more information about that and other resources in this update.

Tech Updates

Faculty and Staff Tech Update 4/6/21: Accessing Zoom recordings in Panopto and how to use Adobe Sign

In this edition, you’ll find resources for signing staff performance evaluations, grading exams, managing your video recordings and information on Back to the Classroom workshops in Boston

Digital Workplace

Background Basics for Virtual Meetings

In a world full of virtual meetings, backgrounds help us add a little fun, camouflage our clutter, and express our hopes and wishes for someday being able to be somewhere other than our home office.