Don't give out personal information
If you receive an email that asks for any personal information such as your name, birth date, social security number, email, email password, or banking information be cautious. Do not reply to these emails.
Instead, you should visit the site directly by manually typing the address in your web browser rather than clicking on the link contained in the email.
When you get to the site, look for the contact information for the owners of the site. Once you have found the contact information, you can call the Customer Support number to ask about the email .If there is is not a Customer Support number, e-mail a developer or administrator.
You can also go to the SHSU Phish Bowl website which lists most of the current email scams hitting SHSU mailboxes.
Read the emails carefully
There are cases in which the bad actor will obtain branding from the company that they are impersonating to make the email message look legitimate. Some will even appear to be from actual people in the organization such as a President or VP. As a result, it is extremely important that you read messages carefully.
Generally when an email is a fraud attempt or a scam it will be poorly worded or have obvious typos. Company names or brands may be misspelled or inaccurate. For example "Goggle" or "Yaho".
Most will also have a sense of urgency to them such as making statements like: "confirm your account now" or "prevent deactivation."
If you think that an email is a scam or that one of your accounts may have been hacked, report it. If it is your SHSU email account, report it to firstname.lastname@example.org. Other email services such as Gmail or Yahoo will have a button inside the email that says either:
- "Report as Phishing"
- or "Report as Scam"
In addition, if you feel that you have been hacked you should also immediately change your password, enable multi-factor authentication if available, and run a virus scan on your computer.