This article is intended as a quick refresher, for the full training guide please read this article: How to spot a phishing email
Here are a few clues to help you spot a phishing email.
What NOT to trust
- The FROM address
- The sender's name
- Any Houghton College logos
These items might seem like safe indicators of the source of an email, however each of them can be easily
faked by an attacker.
What to look for
- Social Engineering
- The goal of every phishing email is to trick you into doing something you shouldn't.
- Look for a threat or call to action
- Do the links go where you would expect?
- Hover over the link with your mouse and see where it actually goes.
- Does the link take you to a Houghton.edu website?
- If the link doesn't seem legitimate, don't click on it!
- Is the email specific or generic?
- Does the email use Houghton College terms or generic words that might apply to any institution?
- Is the email written specifically to you, or is it vague (e.g. "Dear employee")?
- Is the email well written?
- Many phishing emails are written by non-native English speakers and contain typos and poor grammar.
- Be suspicious of every email with a link or attachment.
- We want you to contact the Helpdesk if you have doubt about an email.
- We won't be upset if you question something; our top goal is the safety of college data and systems, stopping to ask us about an email is furthering that goal.