Tips to Prevent Phishing Attacks

What is Phishing?

A phishing attack is a fake email designed by malicious hackers to look like it is coming from a trusted brand or institution (like Lamar University, the LU Service Desk, banks or credit card companies).

Why do Hackers Phish?

The goal is to get you to click on the links and/or open an attachment.

Once you give up your user names and passwords or any personal information, it can be used to breach your employer's systems, steal your money, or steal your identity.

Learn How to Avoid Phishing Scams

Phishing: At the Office

Phishing: At Home

Five Ways to Identify a Phishing Attack

Who is the real sender?
Does the supposed sender match the address inside the “<>s”? For Example:
- From: LamarServiceDesk<jdoe987@example.com>
While the name, LamarServiceDesk, in this email address may appear legitimate, the email address, jdoe987@example.com, is not from the Lamar University Service Desk. This email may have been compromised or spoofed.

Most phishing attacks originate from an individual email account that has nothing to do with the organization represented, or it looks very close to the real address…but not close enough (amaz0n.com vs. amazon.com).
Check the addressee.
Use your "mouse hover".
An effective tool to identify and avoid phishing attacks is the mouse hover. Use your mouse to position the cursor over the link without clicking.

Caution: Do not click on the link, just hover over it, and you will see the destination address or URL appear in a pop-up bubble or in the bottom left corner of your screen.

If the destination address does not lead to a site you would expect, it is likely a phishing attack.
What's in the footer?
The footer of any legitimate email should contain, at a minimum:
- A physical address for the institution or brand, and
- An unsubscribe option.
If it lacks either of these items, it is probably fake.
Not sure if it's phishing?

Don't Get Hooked!

Phishing poster

Download Your Own Phishing Poster