Avoid Phishing Attempts
In the past couple of years, phishing attacks have become increasingly sophisticated and credible. Here are some important things to remember when handling your email:
- IMPORTANT: The Office of Information Technology (OIT) will never ask you to provide your username and password. If you receive an email that requests this information, it’s not legitimate and you should delete it. In addition, OIT will not threaten to deactivate or delete your account if you fail to act.
- Never provide any personal information (e.g. social security numbers, date of birth, account information) via email, phone, text or on social media sites.
- Be cautious of QR codes, fake shared document invitations (Google Drive, OneDrive, Dropbox), Google forms, and urgent messages requesting action. These are common phishing methods.
- Don’t click on links or open file attachments from people you don’t know. When in doubt, either delete it or contact the OIT Technology Service Center for advice. Another tip is to hover your mouse over any link that is suspicious to reveal the real web address. If it doesn’t match the link typed in the message, be suspicious and delete the message. Even if it matches the link, don’t click on it if you don’t recognize the sender.
- When in doubt, ask. If you're unsure about an email's legitimacy, contact the TSC for guidance before taking any action.
What to do if you receive a phishing email:
-
Do not click on any links or download attachments.
-
Do not reply to the email or engage in any way.
-
Do report it immediately to Google or contact the TSC. Then delete the email.
-
If you believe you may have been compromised, reset your password immediately and monitor your accounts for unusual activity.
By staying vigilant and proactive, we can collectively protect our Saint Joseph's community.