Phishing
How can I detect a phishing email?
1. Take your time
A minute of caution now can save you from the embarrassment and frustration of losing private data to a criminal.
2. Look for anomalies
Ask yourself: is there anything out of the ordinary about this email? Were you expecting it? Is it written in the sender’s voice, or does it sound “off”? Are there grammar or spelling errors? Are the logo and branding different from usual, or even missing altogether? Note that professional places of business will rarely allow even one mistake in their emails.
3. Beware urgency
Messages that urge you to act quickly before a deal ends, an account closes, or some other consequence strikes should raise a red flag. Online criminals often capitalize on their victims’ instincts and fears. Don't accept any "free" offers or make any account changes you aren't absolutely sure you signed up for.
4. Beware requests for private information
Reputable organizations, like banks, government institutions, large companies, and your university, will never pressure you to divulge credentials or information, and certainly not in a single urgent email.
5. Check any URLs
You can mouse over a link or button to see where it goes (or press and hold on a mobile device). Look for unusual spellings or extra material in the URL. Links that start with “http” instead of “https,” or that have long, multi-part domains (like “download.google.com.drive.systeca.net”) are particularly suspect. In a URL, the most important element is the domain. For example, the link below would take you to filesshare.com, not Google.
6. Check the sender's email address
Does their email match their organization exactly? Watch out again for misspellings or extra characters, like “susan@amazon.com.net” or "susan@grnail.com."
7. Look for other contact information
Does the sender provide a phone number or address? If you receive an email from an unknown source, it’s best to independently research the source before responding in any way. Type the links yourself instead of clicking.
8. Never, under any circumstances, reply directly to a suspicious email.
Just don't do it.
9. Ask the human
Instead of replying directly, find and contact the sender via another channel of communication. For example, you could easily dismiss a phishing email pretending to be your bank by checking your bank account manually (that is, without clicking links in the email). If you get a message from a superior asking for an urgent and possibly sensitive favor, you have every right to send them a text or knock on their door to confirm it's really them. You'll likely be respected for exercising caution with sensitive tasks.
10. Report suspicious emails
If you believe the message is suspect, forward it to us at phishing@byu.edu by following the steps below.
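The URL and sender-address checks from items 5 and 6 can also be automated, for example in a mail-triage script. The following is an added example, not code from this page or from the CES Security Operations Center; the `TRUSTED` list, the function names, and the "more than four labels" threshold are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumption: domains the reader legitimately expects mail from (constructed list).
TRUSTED = {"google.com", "amazon.com", "gmail.com", "byu.edu"}

def registrable_domain(host):
    """Approximate the domain that really owns the host: its last two labels.
    Assumption: fine for .com/.net/.edu; suffixes such as .co.uk need a
    Public Suffix List lookup instead."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def _skeleton(name):
    # Collapse common look-alike characters: "rn" reads as "m", 0 as o, 1 as l.
    return name.replace("rn", "m").replace("0", "o").replace("1", "l")

def check_host(host):
    """Return a list of warnings for a host name (empty list = nothing found)."""
    host = host.lower().rstrip(".")
    domain = registrable_domain(host)
    if domain in TRUSTED:
        return []
    flags = []
    for trusted in TRUSTED:
        # A trusted name used only as a prefix, e.g. google.com.drive.systeca.net
        if host.startswith(trusted + ".") or "." + trusted + "." in host:
            flags.append(f"{trusted} appears in the host, but the domain is {domain}")
        # A misspelling that reads like a trusted name, e.g. grnail.com
        elif _skeleton(domain) == trusted:
            flags.append(f"{domain} is a look-alike of {trusted}")
    if len(host.split(".")) > 4:
        flags.append("long multi-part domain")
    return sorted(flags)

def check_url(url):
    """Apply the item 5 checks to a link copied (not clicked) from a message."""
    parts = urlsplit(url)
    flags = check_host(parts.hostname or "")
    if parts.scheme != "https":
        flags.append("not https")
    return flags

def check_sender(address):
    """Apply the item 6 check to the part of the address after the last @."""
    return check_host(address.rsplit("@", 1)[-1])

if __name__ == "__main__":
    for url in ("http://download.google.com.drive.systeca.net/file",
                "https://drive.google.com/x"):
        print(url, check_url(url))
    for sender in ("susan@amazon.com.net", "susan@grnail.com", "helpdesk@byu.edu"):
        print(sender, check_sender(sender))
```

An empty result only means none of these particular checks fired; it does not make a message safe.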
Other Scams
As phishing attacks increase, so does our ability to detect and deter them. The CES Security Operations Center maintains an archive of actual phishing emails sent to CES institutions, called the Phish Bowl. You can browse the Phish Bowl to learn more about how phishing works. If you've received something suspicious, you can also check the Phish Bowl to see if a similar message has been reported before.
How to Report a Suspicious Email
If you think that an email or message you've received seems suspicious, please forward it as an attachment to the email address that corresponds to your school:
BYU | phishing@byu.edu |
BYU–Hawaii | phishing@byuh.edu |
BYU–Idaho | phishing@byui.edu |
Our information security team will carefully examine the message. If it really is a phishing attempt, we will take any necessary measures to alert other potential victims. Select your email provider from the tabs below for how to safely forward an email.
- Click New Message.
- In the New Message window, click the icon in the upper right-hand corner for Open in new window.
- Position the new window so you can see both Outlook windows at the same time.
- From the inbox bar on the left, click and drag the suspicious email into the New Message Window.
- Enter relevant information in the To, From, and Subject fields.
- Send the email.
- Open the email, but don't click on anything inside.
- Click on More in the Respond options located in the Home tab at the top of the application under the respond category.
- Under the Home tab, in the Respond category, select More.
- Select Forward as Attachment. You can also find this option from the 3-dot menu in the upper right corner of the email, next to Reply and Forward.
- Send the email.
OR
- Select the email and use shortcut Ctrl + Alt + F.
- Send the email.
- Don't click on anything in the email.
- Select the message you want to forward as an attachment.
- Open the Messages menu from the toolbar at the top of the screen (near Apple logo).
- Select Forward Special > As Attachment.
- Send the email.
OR
- Open the email and use shortcut Cmd + J.
- Send the email.
- Don't click on anything in the email.
- From your inbox (not the individual email window), select the checkmark by the email.
- From the More menu (3 dots on the far right of the top bar), select Forward as Attachment.
- Send the email.
You may also select Report Spam from the same More menu. This option reports the issue to Google, not to us.