Phishing is one of the most common cyber threats targeting our university community. Cybercriminals often disguise their emails to trick you into revealing sensitive information. Here’s how to recognize and combat phishing attempts effectively.
How to Spot Phishing Emails
- Check Links Before Clicking
Phishing emails often include dangerous links disguised as legitimate. Always hover over a link before clicking to verify the URL. If it seems suspicious or unfamiliar, don’t click. Instead, visit the website directly by typing its URL into your browser. - Inspect the Sender's Email
Never trust the display name alone. Phishers may use a name you recognize, but the email address might reveal a scam. Always check the full email address for unusual domains (e.g., @gmail.com instead of @hartford.edu or a subtle misspelling like @hartferd.edu). - Beware of Urgency
Phishing emails often use urgent language like "Your account has been compromised!" to prompt quick action. Stay cautious, and avoid responding to emails demanding immediate action without prior warning. - Suspicious Attachments
Unexpected attachments, especially in formats like .zip, .exe, or .docx, can contain malware. If you weren’t expecting the attachment, don’t open it—contact the sender to verify.
What to Do If You Suspect Phishing
- Report Phishing Immediately
If you receive a suspicious email, report it to the IT or cybersecurity team as soon as possible. Early reporting helps prevent others from falling victim and allows IT to block the threat. - If You Click or Share Information, Act Fast
If you mistakenly click a phishing link or share information, notify IT right away. Immediate action can help secure your account and limit the damage.
Stay Vigilant
Phishing attempts can be convincing, but by staying cautious—checking links, inspecting sender addresses, and reporting suspicious emails—we can protect both ourselves and the university. Cybersecurity is a shared responsibility, and prompt reporting is key to minimizing risks.