Security: Protect your Account from Phishing

Summary

What to do when you receive a suspicious email

Body

What is Phishing?

Phishing is a fraudulent activity of sending emails posing as a legitimate person or company in order to obtain sensitive information such as usernames, passwords, credit cards, and gift cards . They send out e-mails which appear to come from legitimate websites such as banking institutions, corporations, or even Columbus State. The emails may state your information needs updated or validated and asks that you enter your username and password (and possibly additional personal information). 

Jump to the section below: What to do if you are a victim of phishing

Columbus State will never ask you to:

  • enter your login credentials
  • validate or verify that you need an account


Red flags of phishing

Phishing emails contain subtle clues (or red flags) that legitimate emails don't have. These red flags can help you spot a phishing attempt and avoid becoming a victim:

Sample email with red flags by [EXTERNAL] in the subject line, and email address

  • Email address - Names are easy to fake, always confirm the email address is really from that person.
     
  • Subject line - if the subject starts with [EXTERNAL], it is NOT from a CSCC email address. Not all external emails are scams, but if the person's name matches someone at Columbus State, it should not be flagged as [External] and the email should end in @cscc.edu.

Example phishing email with red flags described below labeled

  • Generic salutation - watch for a generic salutation such as "Dear customer" or "Dear employee" instead of your name.
     
  • Urgency - phishing emails try to create a feeling of urgency so you act before you think, so you miss the red flags.
     
  • Poorly written - watch for misspellings, poor grammar, and punctuation errors.
     
  • Account verification request - legitimate organizations will never reach out to you to verify your account with them.
     
  • Link or button - links can easily route you to different websites than they claim to. Never click links unless you can confirm the sender's identity.
     
  • Attachments - any attachments can contain malware, and opening it can install the malware on your computer where it can wreak havoc on your computer or even your organization's entire network. Never open attachments unless you can confirm the sender's identity.
     
  • Contact information - watch for strange or generic information in a signature. Legitimate organizations want you to be able to contact them, if necessary.

If you receive a suspicious email, don't click any links. Report it to the Information Security Office at Columbus State to investigate by forwarding it as an attachment to: abuse@cscc.edu


Learn more with short videos

Learn more about phishing & scams, password best practices, malware dangers, and more by watching short awareness videos:


What to do if you are a victim of Phishing

Steps to take iā€‹ā€‹ā€‹ā€‹f you believe you have entered personal information (password, secret question answers) into a phishing site:

  1. Change your compromised information immediately by going to password.cscc.edu and clicking Change My Password

    Compromised information may include:
    1. Password
    2. Secret questions / Answers
       
  2. Report  the email for further investigation by forwarding it as an attachment to: abuse@cscc.edu

 


 Need IT Support?

  Contact support: (614) 287-5050 | helpdesk@cscc.edu  
  Visit in-person: Computer Commons (TL / MO)  
  Hours and information: About Us  

Details

Details

Article ID: 186
Created
Tue 3/10/20 12:26 PM
Modified
Wed 9/4/24 12:34 PM
Add Comment(s)
contains IT Help footer v2

Related Articles

Related Articles (2)

How to change your Columbus State password if you have forgotten it or need to update it.