Phishing

Beauceron Outlook report a phish icon
Use the Report a Phish button in Outlook to report suspicious emails, or forward them to phishing@msvu.ca.

What Is Phishing?

Phishing is when a criminal uses emails, SMS text messages (smishing), web forms, and viruses to:

  1. Trick you into revealing your password or other personal information.
  2. Trick you into applying for a fake job as part of a job scam.
  3. Trick you into installing a virus.

These criminals may be trying to commit:

  1. Fraud, such as in job scams, gift card scams, identity theft, or credit card fraud.
  2. Extortion, such as with ransomware or blackmail.
  3. Computer hacking, such accessing the Mount’s or your personal computers.
  4. Data theft, such as for selling personal information on the dark web.

The most common phishing emails Mount students receive are related to job scams. These would be password and cell phone phishing emails and fake jobs ad emails.

If you are unsure if an email is malicious or legitimate, report it with with the Report a Phish button in Outlook or forward it to phishing@msvu.ca and IT&S can review it for you.

Report a Phish button in the Outlook desktop client ribbon

Common traits of phishing emails include:

  1. Asks you to confirm or validate your account.
  2. Threatening, urgent, with time limits or deadlines.
  3. Too good to be true, such as ads or tips for well paid work-from home jobs.
  4. Contain links to suspicious URLs/websites.
  5. Unfamiliar email address, although phishing emails can come from @msvu.ca addresses.
  6. Asks for personal information.
  7. Has unexpected attachments.
  8. You did not initiate the communication.
  9. Poorly written with spelling, grammatical, or capitalization errors, although now criminals use AI apps like ChatGPT to compose better written phishes.
  10. Just doesn’t look right.
  11. For more about these red flags click here.

Please see these examples of phishing emails for some suggestions on what to look for.

The links in phishing emails sometimes link to fake web forms, and they may look like legitimate forms.

Check the URL of any web form you use to make sure it:

  1. Starts https:// instead of http://.
  2. Links to website you trust, such as msvu.ca or microsoft.com.

You can view some example phishing login forms here.

If you realize that you have replied to a phishing email or if you clicked a link in a suspicious email:

  1. Please change your password immediately, and
  2. Let the IT&S Help Desk know so we can check your account for unusual activity.

If you have been the victim of fraud, please see our Fraud Recovery Tips webpage.