Phishing Red Flags
The following are examples of suspicious emails that should be deleted. If you believe that you have sent information through a suspicious or phishing email please contact firstname.lastname@example.org.
Phishing emails or forms sometimes ask for your personal information, like your username, password, or birthdate. You may be asked to send your information by email, or the email may link to a fake web form or a fake login page. If you fill in the form, you are giving the hackers your information.
No representative of the Mount, such as the IT&S Help Desk or the Registrar’s Office, will ask you for the type of information, especially passwords.
The only time we will ask you for account information is when you contact the IT&S Help Desk. The Help Desk staff may ask you for some questions to verify who you are before resetting your password or any other account changes.
In this example, you are asked to provide your username, password, and date of birth by email, which IT&S will never do.
Phishing emails will often ask you to verify your password by clicking on a link. The Mount does not do this.
Do not click on links within suspicious emails, even if the message seems to be from someone you trust.
Do not send your personal information in an email.
Emails from IT&S will minimize the use of links, but if we do send a link, it will be at msvu.ca.
In this example, you are asked to click a link to verify your account, something IT&S will never do. As well, it appears to come from ITNS@msvu.ca (a fake address) not email@example.com.
Phishing emails are often poorly written. They may have grammatical, spelling, capitalization, or punctuation errors.
This example is riddled with capitalization, grammatical, and punctuation errors.
From an Unfamiliar Email Address
Emails from the Mount’s IT&S Department will come from an individual’s email address ending in @msvu.ca or from firstname.lastname@example.org. For instance, if you get an email from a Yahoo account claiming to be from the IT&S Department, you will know that it is phishing.
Threatening or Urgent
Often phishing emails will try to scare you into clicking a link. They may threaten to delete your account. They may say something is very urgent, and you need to fill out a form by a certain deadline.
IT&S will never send threatening emails.
Beware of final warnings and consequences of account deletion or deactivation, like in this example: