Identify and Report Phishing/SPAM

Service Overview

Phishing and SPAM messages are the biggest threats to the University community. Attackers use these tools to try to install malicious software on your device or extract data from systems you can access. This service provides tips on how to identify Phishing and SPAM messages and actions to take including reporting suspected messages to Information Services. Always report messages if you are unsure.

If you click a link or open an attachment in a Phishing or SPAM message contact the TSC immediately @ (210) 431-4357.

Eligible To

 
  • Alumni
  • Faculty
  • Marianists
  • Public
  • Retirees
  • Staff

Identifying Phishing and SPAM Messages

 
  • Did the message come from someone within the University Community
    • Any message sent from Outside St. Mary's Email system will have [External] prepended to the subject and a warning added in the footer of the message
  • Always be suspicious
    • Ask yourself why would I be asked for this information or action
    • If its too good to be true be cautious
  • Were you expecting this message
    • Was this request something that you expected or normal for you or was is odd for you to receive
  • Check the Sender's Address
    • Look closely at the sender's email address. Phishing attempts often mimic legitimate addresses with slight variations.
  • Analyze the Greeting
    • Be cautious of generic greetings like "Dear Customer" or "Dear User." Authentic emails will usually address you by your name.
  • Sense the Tone
    • Phishing emails may use urgent or threatening language to provoke immediate action. They might claim your account is in danger or that immediate verification is needed.
  • Personal Information Requests
    • A legitimate company will not ask for personal details such as passwords, social security numbers, or bank account information via email.
  • Inspect Links Carefully
    • Hover over any links without clicking. If the link address looks suspicious or doesn't match the supposed destination, do not click it.
  • Spelling and Grammar
    • Poor spelling and grammar can be a sign of a phishing email. Professional organizations typically ensure their communication is error-free.
  • Unexpected Attachments
    • Be wary of emails with unexpected attachments or links, as these could contain malware.

Actions and Reporting

 
  • Do NOT reply to, click any links, or open any attachments on suspected messages
  • Check with the sender, if known, on the legitimacy of the message. Do this through means other than replying to the received message.
  • Report the message to Information Services

Report the message by clicking the "Phish Alert Report" Button on the message

  • If you do not have the button please forward the message to tsc@stmarytx.edu
  • Delete the message

Related Policies

Acceptable Use of Technology