Phishing Scams

Report a phishing email

What are phishing scams?

Phishing scams are emails used by hackers to trick users into submitting sensitive data, such as bank account numbers, credit card numbers, social security numbers, or passwords. In advanced cases, a phishing email can even contain a link to a webpage that looks identical to a legitimate site but is actually run by the attacker.

Providence College’s Microsoft 365 email platform has been configured with anti-phishing technology designed to stop these emails from reaching any user’s inbox. However, in rare cases, this technology can be bypassed. Users should always exercise caution when opening emails and clicking links received from unfamiliar addresses.

How do I protect myself?

The following tips and tricks can help you protect yourself from identity theft, data loss, or other consequences that could result from a successful phishing attack.

Check the Subject and Banner

The subject line of all emails that originate from outside of Providence College will be appended with “[External].” Additionally, such emails will end with a banner message reminding users that, because of the message’s origin, they should exercise caution when clicking links or opening attachments.

If you receive an email from someone claiming to represent Providence College, such as a member of the IT department or administration, but also see the [External] subject tag and message banner, it is almost certainly a phishing scam.

Know the Common Tricks

Phishing scams, even from different attackers, often contain similar subject lines and content that try to instill a sense of panic, urgency, or concern in the victim.

Some common characteristics of email scams include:

  • Receipt or invoice for an item you did not purchase
  • Request to purchase gift cards
  • An offer (job, price, etc.) that seems too good to be true
  • Email written with excessive typos or poor grammar
  • Email from a colleague sent through an external email address
  • Short email, such as “Are you available?” with no context
  • Unexpected email attachments from senders you do not recognize
  • Request to verify your account by entering or sending your password
  • Link to a website with a suspicious-looking URL

The most common phishing subjects include, but are not limited to, the following:

  • Request
  • Follow Up
  • Urgent/Important
  • Are you available?
  • Are you at your desk?
  • Status of your Payment
  • Hello
  • Purchase
  • Invoice Due
  • Re:
  • Direct Deposit
  • Expenses
  • Payroll
  • Security Alert
  • Change of Password Required Immediately

Report; Don’t Click

Both the Outlook web and desktop clients allow users to report suspected phishing messages to Microsoft. Reporting suspected phishing messages to Microsoft will help to ensure that future similar messages are blocked before arriving in your Inbox.

Outlook Web App

  1. Visit Outlook on the web at http://outlook.office.com
  2. Select the suspected phishing email.
  3. Click on the ellipsis at the top right corner of the message.
    click the ellipsis
  4. Select “Mark as phishing” from the resulting drop-down menu.
    choose "Mark as phishing"

Outlook Desktop Client (PC and Mac)

  1. Select the suspected phishing email.
  2. Click the “Report Message” button in the ribbon/toolbar.
    click "Report Message"
  3. Select “Phishing” from the resulting drop-down menu.
    choose "Phishing"

1 Cunningham Square
Providence, RI 02918 USA
+1.401.865.1000

Campus Map

Contact Providence College

Disclosures

Social

Work At PC