Unmasking extortion emails: Your guide to spotting, reporting malicious messages

Ohio University’s Information Security Office has updated its Identifying Malicious Emails webpage.

The enhanced webpage continues to offer guidance on reporting suspicious emails, access to the Phish Bowl tool, and a link to a Spot the Signs of Phishing video. Additionally, it now includes comprehensive information on tactics used by malicious actors in phishing attacks, details on social engineering, highlights examples of various phishing techniques, and provides and overview of the types of phishing campaigns commonly orchestrated.

A major driver for this revision was in response to community requests for detailed insights into extortion emails—a prevalent and particularly distressing phishing method due to its confrontational tone. Users who receive extortion emails now have a resource to help them identify and report these messages.

If you have reason to believe that an email is suspicious or if you accidentally fall victim to a phishing or extortion email, please report it to the information security office by forwarding the message as an attachment to security@ohio.edu.