Outsmarting phishing emails

The Linfield community has recently been met with an influx of phishing emails and, subsequently, warnings about these emails from Information Technology Services. Although it’s nice to be warned about potentially dangerous emails, those who aren’t knowledgeable in cybersecurity are left wondering what phishing emails even are.

According to the ITS page on the Linfield website, “phishing refers to creating an imitation of an existing legitimate Web page or the use of email to trick users into providing sensitive personal information.”

But why does this happen? “So the operators can steal your identity and run up bills or commit crimes in your name,” says ITS on their website. Since these emails ask you to submit your personal information on their website, they can collect enough info from unsuspecting victims to cause more trouble than they’re worth.

One way that phishing emails are deceiving the Linfield community is that emails are being sent from non-Linfield addresses, but with Linfield student or faculty names. One phishing email that was sent out to part of the community, for example, used a student’s name to tell those who received it that their account access would be terminated if they clicked a certain link.

There are ways to know you’re being deceived before you click anything in the email. When reached out to in regards to a potential phishing email, Moriah Huber, Help Desk Specialist at ITS, said, “you can tell because if you hover over the link, it will direct you to a fraudulent website.” Hovering over a link to make sure the website is legitimate is one way to keep yourself safe from phishing scams.

Another way is to know the signs. If you can spot a phishing email before you click anything, your information will stay safe. The emails can’t do anything if they’re just sitting in your inbox, but simply clicking on a link, even without giving away personal information, can let malware into your computer.

If an email claims to be from a legitimate business or organization, but asks for you to give away personal information online, it is most likely a phishing scam. If this “organization” threatens you in any way, it is clearly fraudulent. Real businesses and organizations don’t ask—or threaten—you for this information online.

ITS lists four ways to keep yourself safe from phishing emails: think before you click, never give out personal information, change your password often, and beware of popup messages. Ultimately, if you suspect an email in your inbox might be trying to steal your information, you can contact ITS and see whether they confirm that it’s a phishing email. If it is, they’ll let you know and warn those with Linfield email addresses about the potential threat.