Two Rules for Avoiding Phishing Emails

Mar 3, 2021

  1. Home
  2.  » 
  3. Security
  4.  » Two Rules for Avoiding Phishing Emails

Google says your passwords are compromised. The dean needs to see you ‘urgentlee’. Your bank says you’ve been assessed a seemingly random $200 fee.

None of these alerts are real events, but rather examples of phishing emails in which criminals try to get you to click links or share private information.

You’re probably familiar with the term “phishing” by now, and maybe you’ve even reported a few questionable emails yourself. Yet, it seems so counterintuitive – here’s a whole world of technology built around the idea of clicking links, and here is the tiny voice of your security awareness trainers trying to convince you not to click.

Two rules to keep in mind:

  1. Know your sender: The ‘display name’ should match the email address the message has been sent from.
  2. Know your content: The URL from links and other content redirects should match the address of the company it claims to be from.

The best way to research the links is to hover your cursor over them without clicking. If the email says it’s from the Dean of Students but the link goes to a server in Belarus, report it instead of clicking.

And, while it may be easy to remember the two rules, becoming a true anti-phisher-person requires your time and attention daily. It’s best if you can structure your digital life so that you only review emails when you can truly focus and are not distracted. That way, you’re more likely to bring your powers of observation online before you automatically click a phish.

If an email says it’s from an office at Northeastern, but you think it might be a phish, call that office or the ITS Service Desk (see below) to confirm before you respond. Remember that Northeastern Information Technology Services will never ask for your password or password hints in an email.

What if I get a suspicious email?

Contact the ITS Service Desk (617-373-4357) or open a live chat. You can also forward the email to phishcatcher@northeastern.edu. Outlook users: Use the Report button to let Northeastern know about a suspect message.

What if I accidentally responded?

If you responded to a phishing email with your myNortheastern username and password, please contact the ITS Service Desk (617-373-4357) immediately or open a live chat.

If you have responded to a phishing email with your financial or credit card information, please contact the issuing bank or credit card company for assistance as quickly as possible.

Read More Articles

Digital Workplace

Former ITS co-op student honored with Co-op Excellence Award

Congratulations to Apoorva Sandeep Kadu, a former ITS co-op student whose work with the Unified Communications VOiP project team was recognized.

Tech Updates

Faculty and Staff Tech Update: 5/11/22

In this update, take action by accepting updated NUwave certificates, refresh your knowledge about the Hub, explore new additions to the Adobe Creative Suite, check out Concur's updated interface, and learn about using Poll Everywhere in your classroom.

Tech Updates

Student Tech Update: 5/11/22

In this update take action by accepting updated NUwave certificates, check out library resources in the Hub, explore new additions to the Adobe Creative Suite, and learn about resources and benefits for new alumni.