Eastern Michigan University

PhishingPhishing Scam

Phishing is an attempt, usually made through a fraudulent email, to steal personal information from you. Most times you may not recognize who has sent you a phishing email, but it could be from an organization you actually know.

The email could even appear to be from 'someone' you know. In this case, they could be specifically targeting 'you' with the thief greeting you by name and asking for your personal information, such as, credit card number, social security number, EMU NetID* or password. This type of a targeted attempt is known as Spear Phishing.

Warning Signs

Here are some things to look for in an email that may indicate a phish:

  • Generic greeting. Phishing emails are usually sent in large batches. Internet criminals may use generic names like "First Generic Bank Customer." If you don't see your name, you should be suspicious immediately.
  • Send you to a web page. Phishing emails will almost always tell you to click a link that takes you to a web page where your personal information is requested. Legitimate organizations would never request this information of you via email.
  • Forged link. Roll your mouse over the link and if it doesn't match what appears in the email, don't click on it. Also, websites where it is safe to enter personal information begin with "https" — the "s" stands for secure. If you don't see "https", don't proceed.
  • Requests personal information. If you receive an email requesting your personal information, it is probably a phishing attempt.
  • Sense of urgency. Internet criminals want you to provide your personal information now. They do this by making you think something has happened that requires you to act fast.

If you believe you have been phished, change your password immediately and contact the Help Desk at 734.487.2120 to report the incident. You may need to change your passwords on other sites too if the information you provided could be used anywhere else.

*formally my.emich username