Search within:

Recognizing and Reporting Phishing

What is phishing?

Phishing is the top social attack on businesses, responsible for more than 90% of security breaches. Phishing occurs when a bad actor sends fraudulent emails, text messages, or Teams messages to convince you to disclose sensitive information, such as your password or credit card details, through your replies or by clicking on links. StationX, a top cyber security training and development platform, reports that 3.4 billion phishing emails are sent every day, accounting for 1.2% of all email traffic around the world. While not every unsolicited email is a phishing attack, it should be inspected for other suspicious elements that may help you identify if it's legitimate. 

Identifying malicious emails

Here are some characteristics of a phishing message that will help you identify malicious emails:

  • Unsolicited. Be cautious of emails that you were not expecting to receive. 
    • Often, unsolicited emails are from senders outside of the university. At OHIO emails originating from external senders will have an “External” tag in the subject line and contain a light-yellow band at the top of the message that reads: use caution with links and attachments.
  • Too good to be true. If it sounds too good to be true, it probably is. Part-time job scams often offer to pay an exorbitant amount of money for a simple task.
  • Asking for personal or financial information. Report emails asking for personal information. For example: the IT department would never email you with a link requesting you provide your university credentials to keep your account active.
  • Deceptive web links. Hover your mouse on the hyperlink to view its true destination. If you don't recognize it, don't click it.
  • Variations of legitimate addresses. For example, an email address ending in @ohio-edu.org instead of @ohio.edu.
  • Fake senders address. Click the sender's name to view the email address, if the email address is not something you recognize from the alleged sender, proceed with caution.
  • Requesting urgency. The intention of urgency is to influence users to act quickly to prevent them from noticing suspicious elements.
  • Fraudulent sites often don't start with HTTPS. The "s" stands for secure. Never sign into websites that are not using HTTPS.
  • Misspelled words and bad grammar. Phishing emails often contain misspellings and grammar issues. 

The Phish Bowl

The Phish Bowl is a tool designed to promote phishing awareness by documenting campus-wide phishing messages that are reported to Information Security. There is no concrete way to prevent phishing attacks, meaning awareness is our strongest line of defense. As widely impacting phishing messages are reported, they will be posted on the Phish Bowl along with a verdict and a date. Phishing messages come in a variety of formats; be sure to check out the various different types of phishing messages posted to the Phish Bowl to see common phishing attempts the University receives. 

Reporting phishing

To report a phishing message or ask for assistance in determining legitimacy, please forward the email as an attachment to security@ohio.edu. You can learn how to forward as an attachment here.

Additional phishing resources

Here at OHIO, the Information Security Office provides multiple resources to help identify phishing messages and prevent our community from falling victim to scams. Be sure to check out the resources below! 

  • Request a simulated phishing exercise facilitated by the Information Security Office for your team or department to test their skills around identifying phishing messages. 
  • Online IT Security Training through Vector Solutions is free training that teaches the OHIO community tips and tricks on how to spot phishing messages.  The course titled Cybersecurity Awareness for Educational Leaders: Safeguarding Against Social Engineering Attacks is a great way to learn more about these types of messages. Check out this Knowlege Base article on how to self-enroll.
  • Visit StaySafeOnline for a wide variety of educational resources to learn how to protect yourself, your family, and your devices.

What to do if you clicked on a link

If you clicked on a link or button in a scam email and entered your OHIO ID and password into the resulting site, you should change your password immediately. If you need assistance changing your password, contact the IT Service Desk at 740-593-1222 or servicedesk@ohio.edu