Skip to main content

SecureIT

Be cautious of links in emails requesting you to enter your credentials on a separate website. eight-bit sparty

Phishing

Have you been Phished? 

-------------------------- 

What is Phishing? 

Phishing is a scam that typically involves email messages that are designed to appear from a trusted source in order to persuade you to provide sensitive information. 

Why is this important? 

Phishers can take your personal information and gain access to your sensitive data. This can include: 

  • Bank accounts 
  • Medical Records 
  • MSU Net ID 
  • Apple ID  
  • Google Account 

They can use this information to harm you financially, personally, or professionally—and possibly steal your identity. 

Identity theft victims lose an average of $1,343*. Don’t let this be you! 

How do I avoid phishing attempts? 

  1. Stranger Danger! Do they claim to be from MSU but their email doesn’t end with @msu.edu?  Even if the email does originate from a trusted source, if you don’t recognize the sender, reach out in a separate email for clarification, as their account could be compromised. 
  2. How is their grammarMany phishing emails contain various typographical errors that would not be present in a legitimate correspondence and are addressed generically (Dear Sir/Madam).
  3. If it was that urgent, they’d call you. Phishing Emails try to get you to abandon your common sense to do something immediately. They often threaten to suspend financial aid, bank accounts, or terminate an online account like Facebook if you don’t do what they say.   
    • MSU will never send you a link asking for you to input or reset a username and password. MSU will always direct you to go to netid.msu.edu from a separate browser window to reset your password. 
  4. You probably didn’t win that vacation to the Bahamas.Emails that promise great rewards from people or organizations you didn’t contact are most likely phishing attempts.  

I found a phishing email but I didn’t click on anything. What do I do? 

Forward your message to abuse@msu.edu, specifying that you didn’t click on any links or open any attachments. 

I got phished! What do I do? 

Forward the message to abuse@msu.edu, specifying that you have been phished. They will advise you on the best course of action. 

If you think you’ve compromised your account 

  1. Immediately change your password.
    • For MSU, you can do this at netid.msu.edu. 
    • If you need further assistance, call the MSU IT Service Desk at (517) 432-6200. 
  2. If your account is not MSU affiliated, contact the company you hold that account with so that they can advise you on the best course of action. 

Visit https://www.identitytheft.gov/ and follow the outlined steps to ensure your identity and accounts are not further compromised. 

* https://www.bjs.gov/content/pub/pdf/vit14.pdf