From previous phishing attempts, our Information Security team has become aware of a trend during the Holiday season, that bad actors and scammers target Organizations and College Campus’ attempting to send phishing emails, which include suspicious links, malicious files or attachments, and fraudulent websites with login prompts. This would then result in your device or RCS Account becoming compromised, which could lead to unintended data loss, system instability, or security vulnerabilities.
Please see below Phishing awareness tips:
Look carefully at the Display Name of the Email Address – Typically, scammers will attempt to “spoof” an email address and will intentionally change the Display Name of an email to a legitimate Faculty, Staff, or Student.
[External] Tag – If you receive an email from someone that you know or recognize from RPI, however, the email you received was tagged as [External], this would most likely be a Phishing attempt email and should be cause for concern.
Emails that suggest urgency, unrealistic requests, or threatening language – Scammers often suggest something bad will happen if the recipient does not act quickly.
Inspect (don’t click) links to confirm they’re legitimate – To inspect links within Outlook, move your mouse over the link and review the URL address.
Generic greetings – Instead of using your name, the email may start with a generic greeting such as “Dear Customer.”
Please see below examples of phishing attempts: Warning: Do not explore the links from the phishing attempt listed below. We work to sanitize these examples, but please do not investigate them further on your own.
If you receive an email that appears suspicious, contains suspicious links, or are hesitant regarding the legitimacy of the email, please send a support request through ITSSC, and our Help Desk and Information Security team would be happy to assist with checking if the email is safe.
Thank you,
Matthew Lewis
Information Security Analyst
https://dotCIO.rpi.edu/IT-Security
