Phishing


What is phishing?

Phishing is a malicious e-mail impersonating some type of service provider. They attempt to get your account information to gain access to internal systems, such as email, Banner, or shared drives.

Some phishing emails will ask you to forward your username and password, while others will direct you to a website that looks "similar" to CCRI websites to trick you into entering your username and password. The CCRI Help Desk will never ask for confidential information in an email. This includes passwords, DOB or even personal information like your name or address. Furthermore, you should avoid clicking on links in emails that direct you to secure areas as they may potentially be spoofed web pages.

How to tell if it's a phishing email?

Phishing emails can be identified in the following ways:

  • It asks for personal identifiable information, such as your CCRI username or password.
  • Threatens to take away access or delete accounts if you do not reply.
  • Have spelling or grammatical errors.
  • It is being sent from another school or a staff member at the college
  • Links in the email direct you to unsecure pages (NOT https).
  • Hovering over the links shows you a different address than the one displayed or non-CCRI pages.

These are not inclusive of all messages that could be spam, so when in doubt, you can always forward the email to the CCRI IT help desk at helpdesk@ccri.edu for confirmation.

Examples
Subject: (any of the following)

{Random} 
*DETECTED* Online User Violation 
*IMPORTANT* Please Validate Your Email Account 
*IMPORTANT* Your Account Has Been Locked 
*WARNING* Your Email Account Will Be Closed 
Account Alert 
Email Account Suspension 
Important Notification 
Notice of account limitation 
Notice: **Last Warning** 
Notice:***Your email account will be suspended*** 
Security measures 
Your email account access is restricted 
Your Email Account is Suspended For Security Reasons
Warning Message: Your services near to be closed

Message body: (any of the following)

Once you have completed the form in the attached file, your account records will not be interrupted and will continue as normal. 
Please look at attached document. 
Please read the attached document and follow it's instructions. 
Please see the attachment. 
The original message has been included as an attachment. 
To safeguard your email account from possible termination, please see the attached file. 
To unblock your email account access, please see the attachment. 
We attached some important information regarding your account. 
We have suspended some of your email services, to resolve the problem you should read the attached document. 
We regret to inform you that your account has been suspended due to the violation of our site policy, more info is attached.

What to do if you've been phish?

If you have already sent your username and password or click on a link and entered your username and password, you should take immediate action and do the following:

  1. Change your CCRI passwords. You should also change the password to any system that you use the same password for.
  2. Check your Sent Mail folder to see if there are any suspicious messages that have been sent from it. This will help confirm if your account had been compromised by another party.
  3. Check your inbox rules in Outlook Web Access to see if another party has started deleting your messages.

Can't find the answer you're looking for?

We're here to help. Contact us by phone, e-mail or fill out a request for help.

Contact Information

This page developed and maintained by the Information Technology Department. Send comments and suggestions to helpdesk@ccri.edu .


Top
Last Updated: 11/1/18