Phishing
Recognize, Respond, Report
Phishing is a form of social engineering in which the attacker attempts to trick people into revealing private information through fake emails, phone calls, or text messages that appear to be from reputable sources.
Recognize
- Sender - Verify who the email is coming from. If you do not recognize the sender, or the 'reply' address is different, the email may be a phish.
- Links - Check for suspicious-looking links included in the email. Hover your cursor over the link before clicking to identify the web address.
- Attachments - An unexpected email that includes an attachment is a red flag.
- Emotion - Most phishing emails use a sense of urgency or fear in an attempt to get the victim to act in favor of the sender.
- Data - Never give away personal information such as passwords or social security numbers unless you are certain the source is legitimate.
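The Sender and Links checks from the list above can also be run by a script over a raw message. The following is an added example, not part of the original page and not RIT tooling; the sample message and its `.example` domains are constructed, and `phishing_indicators`, `LinkCollector` and `domain` are hypothetical names.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample message; every address and domain is a placeholder.
SAMPLE = """\
From: "IT Help Desk" <helpdesk@university.example>
Reply-To: support@mail-reset.example
Content-Type: text/html

<p>Your account will be suspended. Verify it now:
<a href="http://login.mail-reset.example/verify">https://start.university.example</a></p>
"""

class LinkCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []  # links: (href, visible text)
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:  # only keep text inside an open <a>
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def domain(value):
    """Host of a URL or of an email address, lower-cased ('' if absent)."""
    host = urlparse(value).hostname if "://" in value else value.rpartition("@")[2]
    return (host or "").lower().rstrip(".")

def phishing_indicators(raw):
    msg, flags = message_from_string(raw), []
    sender, reply = (parseaddr(msg.get(h, ""))[1] for h in ("From", "Reply-To"))
    if reply and domain(reply) != domain(sender):  # replies would go elsewhere
        flags.append("sender: Reply-To domain differs from From")
    for part in (p for p in msg.walk() if p.get_content_type() == "text/html"):
        collector = LinkCollector()
        collector.feed(part.get_payload(decode=True).decode(errors="replace"))
        for href, text in collector.links:
            shown = re.search(r"https?://\S+", text)  # link text that looks like a URL
            if shown and domain(shown.group()) != domain(href):
                flags.append(f"link: shows {domain(shown.group())}, opens {domain(href)}")
    return flags
```

The link check only fires when the visible text is itself a web address; a link labelled "Click here" still needs the hover check described above.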
Respond
- Never respond with any personal information.
- Do not click any links or open any attachments.
- Check RIT PhishBowl for the email. If it is not already there, forward the phishing attempt to spam@rit.edu.
- If you feel as though your password has been compromised, change your account password at start.rit.edu.
- Back up your data on a regular basis to limit the impact of a phishing scam.
Report
- If you receive a suspicious or unwanted email, report it using the built-in reporting tools in Outlook or Gmail. This helps Microsoft or Google analyze the message and improve filtering, and it provides visibility to RIT ITS.
- In Outlook (Desktop or Web):
- Select the email in your inbox.
- On the toolbar, choose (Report Phishing or Report Junk).
- While Junk is for unwanted or low-quality emails that are not malicious
- In Gmail:
- Use Report phishing or Report spam from the message menu (⋮).
- After reporting, the message will be removed from your inbox and analyzed to help protect the RIT community.
- If you clicked a link, opened an attachment, or entered credentials, contact the RIT Service Center immediately for assistance at 585-475-5000, or online at help.rit.edu to open an incident report.
- For detailed instructions on when to unsubscribe, report spam, or report phishing, and how to verify senders and links, see KB0045448: When and How to Unsubscribe, Report Spam, or Report Phishing and How to Spot Spoofing & Bad Links.
About Phishing Scams
- Spear Phishing - Targets a specific group or person where emails are personalized to match internal communications at the target organization.
- Whaling - Targets high-profile employees in order to steal private information involving employees or financial data for malicious intent.
- Vishing - Phishing scams through phone calls or voice mails that pretend to be from a reputable source in order to get the target to reveal personal information.
- Smishing - Also called "SMS Phishing," this is a social engineering attack to gather information through text messages.
- Business Email Compromise - A targeted email where the sender appears to be an executive in the organization.
- Calendar Phishing - Malicious links are included in calendar invitations that are directly shared with targets.
For More Information
- RIT PhishBowl - A grouping of phishing attempts reported at RIT.
- GoogleGroups Phishing - Learn more about GoogleGroups phishing from the RIT ISO.
- Spear Phishing - Learn more about spear phishing from the RIT ISO.
- Educause 2019 - Social engineering tactics and prevention techniques. (external)
- BEC Video - Awareness video about Business Email Compromise (external)