How to recognize a malicious email

Owned by Eileen Galvin
Last updated: Jan 22, 2024
3 min read

 

Keep in mind, Library & Information Technology staff will never ask you for your password or to provide a two-factor authentication code.

 

 

What is Phishing?

Phishing is a means of gaining access to an account through email, telephone or text message, sent by someone posing as a legitimate institution. The aim is to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, passwords or education records, by prompting users to provide their login credentials or installing malicious software on their computer. If successful, these attacks can lead to identity theft, data and financial loss, and a breach of the entire network

The unfortunate reality is that this type of attack is more prevalent than ever, and many users don’t recognize a phishing attempt.

Anatomy of a suspicious email

Email, subject line, Odd emails from your account. Tagged External. From Information Technology ITatccaddd.edu. Mailed by ccaddd.edu. Message, Hi first name, We've received a couple messages today about strange emails and spam being sent from your email account. Could you please sign in and review your recent logins under the 'security' tab, we're trying to confirm if your account has been breached, or if your email address is being spoofed. Thanks, CCAD Information Technology

 

  1. Is the email tagged “External?” If so, then it came from an address outside of CCAD, even if they claim to be from within the organization.

  2. Do you recognize the email address? It’s easy to look at the sender and miss the actual email address just to the right of it. An email that is from CCAD would have an address that ends in @ccad.edu, not @ccaddd.edu.

  3. Click the down arrow next to “to me” to expand the sender information. In this example, the sender’s domain is ccaddd.edu, which is not legitimate.

  4. Examine links in the email carefully before clicking on them. In this example, https://ccad.google.com/mail is not a real address. You can also hover over a link with your mouse to see a preview of the address it redirects to. In this example, the link forwards to: https://34.75.2o2.lol/XVkVkRVNtOXRSamRhYUdSSk9WZFpVM3BPYkhKdmRrSkR etc.

  5. Does the message create a sense of urgency? Breathe. It’s natural to act before thinking when you’re panicking, and that’s exactly what these emails want you to do. Sometimes, it will be obvious that the situation doesn’t apply to you (I don’t even have an American Express account). Other times it will seem much more plausible.

  6. Is the email asking you for personal information? Never send personal information in an email—addresses, credit card information, driver’s license information, Social Security number, etc. Never send account passwords to anyone. Email is not a secure form of communication, and most organizations realize that. That’s why banks and doctor’s offices often have their own secure platforms for uploading files. The IRS will never ask you to provide information over email, they’ll send it to your mailing address.

  7. Finally, does anything just seem off about it? Are there a lot of misspellings or grammatical errors in the email? If you recognize the sender, is the wording different from their normal communication style? Look out for red flags, and keep in mind that many harmful emails will seem credible when taken at face value such as the example shown above.

 

What should I do if I’ve received a phishing email?

If the email doesn’t pass any of the these tests, clicking the three dots at the top right of the email and select Report Phishing. This will safely remove the email from your Inbox and report it to Google.

 

You don’t need to report it to the Help Desk unless you’ve clicked a link in the email, opened an attachment, or responded to it. If you have done any of these things, please contact the Help Desk immediately by calling 614.222.6174 or emailing helpdesk@ccad.edu.