October is National Cybersecurity Awareness Month, making it the perfect time to sharpen your skills for recognizing and responding to digital threats. Cybercriminals are becoming increasingly sophisticated, but with the right knowledge, the Northeastern community can stay one step ahead.
Spotting the red flags
Phishing attempts often disguise themselves as legitimate communications, but several telltale signs can reveal their true nature:
Suspicious sender addresses – Even if an email appears to come from a trusted source, take a closer look at the actual email address. Scammers often use addresses that closely mimic official domains but contain subtle misspellings or unusual characters.
Urgent or threatening language – Messages that create a false sense of urgency (“Your account will be suspended!”) or demand immediate action are classic phishing tactics designed to bypass critical thinking.
Unexpected attachments or links – Be wary of unsolicited attachments or links, especially from unknown senders. Hover over links before clicking to preview the actual URL destination. Don’t open attachments before confirming their legitimacy.
Requests for sensitive information – Legitimate organizations will never ask for passwords, Social Security numbers, or financial information via email or text message.
Unexpected or abnormal SMS messages – Scammers increasingly use text messages to trick recipients into clicking malicious links or sharing personal information (known as SMS phishing or “Smishing”). Common tactics include fake package delivery notifications, bank alerts, or prize winnings. Be especially cautious of texts with shortened links or urgent requests.
AI-generated voice or video calls – Scammers now use artificial intelligence to clone voices of trusted individuals, including family members. These calls might request urgent money transfers or sensitive information. If something feels off, hang up and contact that person directly through a known phone number.
Stopping threats in their tracks
When something seems off, trust those instincts. The best defense is often the simplest: don’t click, don’t respond, and don’t provide information. Instead:
- Verify requests through official channels by contacting the organization directly using known contact information.
- Use multi-factor authentication (MFA) for all university accounts to add an extra layer of protection.
- Keep software and systems updated to patch security vulnerabilities.
- Back up important files regularly to protect against ransomware.
Reporting makes a difference
Every reported threat helps protect the entire Northeastern global campus community. When you encounter suspicious emails or messages, forward the suspected message to phishcatcher@northeastern.edu to investigate.
When you flag a potential phishing email, you’ll receive an automated reply from the Phish Catcher team. Want to know if the message is indeed a phishing attack or a legitimate email? Just ask the team to respond; otherwise, they’ll assume you’re reporting a known phishing attempt.
The Phish Bowl is a reliable resource to check for known phishing attempts across the Northeastern network. Visit the Phish Bowl to view real examples of recent phishing attempts against Northeastern reported by students, faculty, and staff.
Reports help identify emerging threats, block malicious senders, and alert others who may be targeted.
The university’s security team monitors threats 24/7, but every member of the community plays a crucial role in maintaining a secure digital environment. By staying vigilant and reporting suspicious activity, everyone contributes to a safer campus network.
Remember: when in doubt, it’s always better to report a potential threat than to ignore it. Together, the Northeastern community can make cybersecurity everyone’s responsibility.
For more cybersecurity tips and resources, visit the Office of Information Security website and follow along with Cybersecurity Awareness Month throughout October. Join the weekly Cyber Husky challenge to brush up on cybersecurity knowledge and for the chance to win a prize at the end of October!