Phishing Scams
IT Helpdesk
How to Request Support
Team Dynamix Self-Service
More information on Team Dynamix
Phillips Memorial Library, Room LL25
401-865-HELP
helpdesk@providence.edu
What are phishing scams?
Phishing scams are emails used by hackers to trick users into submitting sensitive data, such as bank account numbers, credit card numbers, social security numbers, or passwords. In advanced cases, a phishing email can even contain a link to a webpage that looks identical to a legitimate site but is actually run by the attacker.
Providence College’s Microsoft 365 email platform has been configured with anti-phishing technology designed to stop these emails from reaching any user’s inbox. However, in rare cases, this technology can be bypassed. Users should always exercise caution when opening emails and clicking links received from unfamiliar addresses.
How do I protect myself?
The following tips and tricks can help you protect yourself from identity theft, data loss, or other consequences that could result from a successful phishing attack.
Check the Subject and Banner
The subject line of all emails that originate from outside of Providence College will be appended with “[External].” Additionally, such emails will end with a banner message reminding users that, because of the message’s origin, they should exercise caution when clicking links or opening attachments.
If you receive an email from someone claiming to represent Providence College, such as a member of the IT department or administration, but also see the [External] subject tag and message banner, it is almost certainly a phishing scam.
Know the Common Tricks
Phishing scams, even from different attackers, often contain similar subject lines and content that try to instill a sense of panic, urgency, or concern in the victim.
Some common characteristics of email scams include:
- Receipt or invoice for an item you did not purchase
- Request to purchase gift cards
- An offer (job, price, etc.) that seems too good to be true
- Email written with excessive typos or poor grammar
- Email from a colleague sent through an external email address
- Short email, such as “Are you available?” with no context
- Unexpected email attachments from senders you do not recognize
- Request to verify your account by entering or sending your password
- Link to a website with a suspicious-looking URL
The most common phishing subjects include, but are not limited to, the following:
- Request
- Follow Up
- Urgent/Important
- Are you available?
- Are you at your desk?
- Status of your Payment
- Hello
- Purchase
- Invoice Due
- Re:
- Direct Deposit
- Expenses
- Payroll
- Security Alert
- Change of Password Required Immediately
Report; Don’t Click
Both the Outlook web and desktop clients allow users to report suspected phishing messages to Microsoft. Reporting suspected phishing messages to Microsoft will help to ensure that future similar messages are blocked before arriving in your Inbox.
Outlook Web App
- Visit Outlook on the web at http://outlook.office.com
- Select the suspected phishing email.
- Click on the ellipsis at the top right corner of the message.
4. Select “Mark as phishing” from the resulting drop-down menu.
Outlook Desktop Client (PC and Mac)
- Select the suspected phishing email.
- Click the “Report Message” button in the ribbon/toolbar.
3. Select “Phishing” from the resulting drop-down menu.