What is Phishing?
Students and Faculty have long been targets of so-called phishing scams, in which the attacker attempts to trick the victim into revealing their login-in or other private credentials by pretending to be a part of the University, an internship or job opportunity, or even claiming to be a part of the financial aid office requesting students to change their login credentials. UofSC's data shows that such scams are on the rise.
Things to look out for:
- Work study/Internship emails. Often asks users to submit forms or email a Gmail address (non-UofSC)—requests for info such as Name, Personal Email, Phone Number, and Bank Name.
- School O365 account termination. Subjects usually say 'Account Closure' or 'We Received A Request From You?'. They then ask users to enter their account login credentials and personal information such as Birthdate, Phone Number, and Address to "reset" the account or keep it from being terminated.
- Financial aid account reset. Asks the user to enter login credentials, along with banking information.
Protect Yourself from Phishing
To protect yourself from phishing, never respond to requests for private information, never enter your password after clicking a link in a message, beware of statements that sound urgent or too good to be true, pay attention to spelling and bad grammar, beware of first time or infrequent senders, generic greetings, mismatched email domains, and suspicious links or unexpected attachments.
- Block Gmail addresses/ unknown senders.
- Report suspicious emails.
- Submit a Service Now ticket to have the user password reset if needed.
- Pay attention to email content and format.