Security: Protect your Account from Phishing

What is Phishing?

Phishing is a fraudulent activity of sending emails posing as a legitimate person or company in order to obtain sensitive information such as usernames, passwords, credit cards, and gift cards . They send out e-mails which appear to come from legitimate websites such as banking institutions, corporations, or even Columbus State. The emails may state your information needs updated or validated and asks that you enter your username and password (and possibly additional personal information). 

Jump to the section below: What to do if you are a victim of phishing

Columbus State will never ask you to:

  • enter your login credentials
  • validate or verify that you need an account

Red flags of phishing

Phishing emails contain subtle clues (or red flags) that legitimate emails don't have. These red flags can help you spot a phishing attempt and avoid becoming a victim:

Sample email with red flags by [EXTERNAL] in the subject line, and email address

  • Email address - Names are easy to fake, always confirm the email address is really from that person.
  • Subject line - if the subject starts with [EXTERNAL], it is NOT from a CSCC email address. Not all external emails are scams, but if the person's name matches someone at Columbus State, it should not be flagged as [External] and the email should end in

Example phishing email with red flags described below labeled

  • Generic salutation - watch for a generic salutation such as "Dear customer" or "Dear employee" instead of your name.
  • Urgency - phishing emails try to create a feeling of urgency so you act before you think, so you miss the red flags.
  • Poorly written - watch for misspellings, poor grammar, and punctuation errors.
  • Account verification request - legitimate organizations will never reach out to you to verify your account with them.
  • Link or button - links can easily route you to different websites than they claim to. Never click links unless you can confirm the sender's identity.
  • Attachments - any attachments can contain malware, and opening it can install the malware on your computer where it can wreak havoc on your computer or even your organization's entire network. Never open attachments unless you can confirm the sender's identity.
  • Contact information - watch for strange or generic information in a signature. Legitimate organizations want you to be able to contact them, if necessary.

If you receive a suspicious email, don't click any links. Report it to the Information Security Office at Columbus State to investigate by forwarding it as an attachment to:

Learn more with short videos

Learn more about phishing & scams, password best practices, malware dangers, and more by watching short awareness videos:

What to do if you are a victim of Phishing

Steps to take iā€‹ā€‹ā€‹ā€‹f you believe you have entered personal information (password, secret question answers) into a phishing site:

  1. Change your compromised information immediately by going to and clicking Change My Password

    Compromised information may include:
    1. Password
    2. Secret questions / Answers
  2. Report  the email for further investigation by forwarding it as an attachment to:

IT Help

Click on IT Help Home in the top menu at any time to view IT Support hours and contact information.
To learn more about using the IT Help Homepage, see the article on Remote and In-Person Support.

Was this helpful?
0 reviews
Print Article


Article ID: 186
Tue 3/10/20 12:26 PM
Wed 10/18/23 11:40 AM
Add Comment(s)
contains IT Help footer

Related Articles (2)

How to change your Columbus State password if you have forgotten it or need to update it.