How to spot start-of-the-semester cyberscams

The start of the semester, long holiday breaks and tax season are prime time for phishing scams. The flurry of back-to-campus events, assignments and emails can be overwhelming, and the worry of missing something can lead to accidentally clicking through a phishing email. The Office of Information Security in the Office of Technology Services (OTS) reminds the campus to be aware of phishing emails sent to your TU and personal email accounts, and recommends keeping these resources for help with identifying and reporting phishing. 

What is Phishing? 
Phishing is an email scam designed trick you into providing sensitive information such as usernames, passwords or credit card numbers, or opening an attachment that installs malware on your computer or device. 

Recognizing Phishing 
It’s not always easy to spot phishing attempts, especially when they appear to be legit. These characteristics are red flags, and the email in question should be treated as suspicious when they are present: 

  • Request for username and passwords-especially for NetIDs. No one at TU will send an email asking for your username and password. And no one will ever ask for your password. 
  • Fraudulent job postings or announcements. Be extra cautious of job announcements coming from a sender’s personal email address.
  • Unusual or strange purchase requests. Call the sender and ask if he or she really needs the info or to make the purchase they’re requesting.
  • References to OTS as the IT department or IT service. The technology office at Towson University never refers to itself in writing as “IT” – always look for “The Office of Technology Services” or “OTS” in communications. 
  • Obvious spelling mistakes and bad grammar. Emails sent from TU departments and offices are almost always reviewed and spell-checked prior to distribution. 
  • Unfamiliar links in the body of the email. Don’t click – hover over the linked text to check the actual web address. 
  • Attachments that are “.exe” or “.zip” files. Opening these can launch and spread malicious software. 
  • Unknown sender, or an email from an unsolicited source. If it isn’t from an @towson.edu address, call the sender to confirm. 
  • Storage Space/account threats or urgent messages waiting. Look up the sender in the TU directory (not a number provided in the email) and call to confirm, or contact OTS at 410-704-5151. 

I’ve received a suspicious email-now what? 

  • Do not reply, click on any links, or open any attached files. 
  • Report the suspicious email by using the “Report phish” button in the email in your Outlook account or forward the email to phishing@towson.edu.
  • If you are concerned that your information or device may have been compromised, contact OTS at 410-704-5151 or submit a TechHelp service request. 

To learn more about phishing and view actual phishing examples, visit www.towson.edu/phishing. 

Tags: , , , , ,

Categorised in:

This post was written by Weldon, Jennifer