Campus Reminded to Be Alert to Phishing Attempts

06/09/2016

The JSU IT division has noticed a large increase in the number of phishing attempts and “spoofed” email accounts recently.  JSU employees and students should be vigilant when managing their email accounts and not give out  passwords/usernames, click on any suspicious email link and should carefully review the “From” field in the email to make sure it is an email address you recognize as legitimate. 

What exactly is “phishing” and “spoofing” e-mail?  Phishing is the act of attempting to acquire information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity via e-mail.  E-mail spoofing is the forgery of an e-mail header so that the message appears to have originated from someone or somewhere other than the actual source.

How Do I Protect Myself?

To help avoid becoming a victim of phishing and to keep your email account safe, use the checklist below to determine if an email is suspicious or not.

  • Is the email “From:” address appropriate? If the email appears to be coming from Jacksonville State University, does the “From” address have jsu.edu in it? 
  • Review the body of the email in relation to the sender…does the body of the email contain suspicious requests or demands?  Even if the email header appears legitimate, the body of the email can usually give away clues that it may be a fraud.
  • If you know the person the email is from, does it make sense for them to be sending you this kind of link?
  • If the message has a URL link, use the mouse hover trick to determine the ultimate destination of the link.  Without clicking, hover your mouse pointer over the URL and a box will appear with the destination of the link.  Again, if this appears to be coming from the University, does the URL address have jsu.edu in it?
  • Does the content of the message contain a lot of unusual spelling and grammar errors?
  • Is there contact information for any questions? Again, if the email appears to be from the University, is there a contact number that begins with 782-xxxx or an email address that contains jsu.edu.?
  • Never share your password with anyone.
  • If you have any concerns that your account is being used to send spam or your password has been compromised, contact the IT Technology Support Center at 256-782-8324 as soon as possible. The Technology Support Center can assist with unlocking your account and resetting your password.
  • If you are unsure whether or not an email is a legitimate email contact the Technology Support Center for help.