Skip to Content
Department of Information Technology

Can You Spot a Phishing Email?

A person's hand holding an iphone with an email message icon on a hook on the screen. As part of Seton Hall’s ongoing commitment to maintaining a secure digital environment, the Department of Information Technology emphasizes the importance of remaining vigilant against the escalating threat of phishing emails. These deceptive messages not only endanger individual users but also jeopardize the integrity of the University as a whole. Protecting the security of Seton Hall’s critical systems and data is a shared responsibility among all of its community members. It is imperative for students, faculty, and employees to familiarize themselves with the telltale signs of phishing emails and adhere to best practices for mitigating cyber threats.

One of the most deceptive phishing tactics is spoofing, where cybercriminals imitate the branding and appearance of well-known organizations in their messages to trick recipients. Spoofed emails often contain subtle misspellings or changes in font that can easily deceive a distracted user. For instance, a phishing email allegedly from "Gooogle" instead of "Google" and “Outllook” instead of “Outlook." These slight differences can often go unnoticed, especially when users are accustomed to receiving emails from specific organizations they trust. Therefore, users are encouraged to thoroughly inspect emails before responding, paying close attention to any inconsistencies or irregularities that may indicate a potential phishing attempt.

Telltale Signs of a Phishing Email

  1. Conflicting Information: Be on the lookout for discrepancies within emails; For instance, if you receive an email seemingly from the Technology Service Desk prompting you to change your password because it expires today but then you are given the option to keep your current password.
  2. Improper Domain Usage: Always ask yourself: is this sender someone who would normally send me this type of email? For example, receiving an email from "[email protected]" regarding quarantined messages in your Outlook mailbox might seem legitimate at first glance. However, it's essential to note that while the domain is valid, this specific message likely will not originate from authorized accounts within that domain.
  3. Urgency Tactics: Beware of messages conveying a sense of urgency, as bad actors often use this tactic to prompt immediate action. Whether threatening account deletion or enticing you with offers, such urgency can be indicative of a phishing scam.
  4. Language Errors: Pay close attention to spelling and grammar mistakes in emails as these can be telltale signs of phishing attempts.
  5. Incorrect URL Links: Exercise caution when clicking on links in emails, particularly those directing you to login pages. Verify that the URL matches expectations before providing any login credentials. Phishing emails often lead to fake login pages aimed at stealing sensitive information.

When in Doubt, Close it Out

If you have even the slightest suspicion about an email, refrain from taking any action or clicking on any links. Instead, use the 'Report Phishing' button to immediately notify the IT Security team of any suspicious emails that could potentially pose a threat to you and the entire Seton Hall community.

For more information, including a printable infographic on five ways to spot a phishing email, visit www.shu.edu/technology/phishing-scams.

Categories: Science and Technology

For more information, please contact:

NEWS CATEGORIES