The FBI reports that phishing attacks are the most common cybercrime in America (see examples at https://www.fbi.gov/scams-and-safety). Scammers know you're overloaded with email and seize the opportunity to catch you off guard. These fraudulent emails often claim to be from known individuals or legitimate organizations. They may contain links to fake websites that impersonate popular retail brands (e.g., Amazon, UPS, banks) where you are asked to enter your email address, password, or other sensitive information, or simply ask if you are available. Some messages also include malicious attachments intended to infect your computer or devices. It is important that you treat every email with a healthy dose of skepticism. Here are some tips to help you avoid getting hooked by phishing scams:
Why should I care / who is behind these attacks?
Watch this 6 minute (external) video to learn more about hackers and their victims.
How to spot a phish:
- If an email is asking you to do something, has links, QR codes, or attachments stop and question its legitimacy before taking an action
- Wait to take action. Most mistakes are made when we are multitasking or in a rush. If there is a widespread attack, the IT Security Office will usually update the Phish bowl (see below) and ILR Technology Services may send an email alert, but it might take several hours to reach a critical mass.
- Check the sender’s email address. A common technique called Spoofing" is where hackers use a disposable email address and pretend it is from a leader or colleague (E.G. a message from ajc22459@gmail.com isn’t really from Dean Colvin)
- Be suspicious of email that contains QR (quick reference) codes. This is a common hacking technique used in an attempt to circumvent other protections. See example email in the Phish Bowl.
- Inspect links in emails, particularly when being urged to take immediate action
- Cornell IT has implemented Safe Links to help protect the community from malicious attacks. Learn more about this service here.
- If you are on a mobile device, consider waiting to respond from a Cornell Certified Desktop computer
- Hover your mouse pointer over links (don’t click) to reveal their true destination (URL)
- Watch this 5 minute video and see other tips from the Cornell IT Security Office to learn how to spot phishing emails and interpret URLs
- If the message looks bogus, it probably is; delete it or move to the Junk E-Mail folder and move on
- Do NOT open attachments or click links to “see what they are”
- Consider the potential impact that a single click could have on the rest of your day, your colleagues, and your IT support team
- If you are convinced that the message warrants your attention, find a way to confirm its validity that circumvents the links and attachments
- Remember that email is not secure and it is trivial for hackers to spoof the “from:” address. Hover over the senders name and check the email address for legitimacy.
- If the “sender” appears to be someone you know and the email address is legitimate, contact them via another channel (phone, text message, direct email, etc.)
- Check the Cornell Phish Bowl for known fraudulent emails
- Check the verified Cornell communications page for a list of legitimate Cornell business related emails
- Google the topic of the email to check for known scams
- If the message is from a vendor, connect to the company’s official web site
- If you still aren’t sure, forward the email including attachments to ilrtsrequests@cornell.edu and we will investigate
- For a faster response, include the full headers of the original email
For assistance with these or any other technology related concerns, please submit a Service Request and we will connect with you.