Phishing

What is phishing?

Phishing is when attackers send bad emails in order to steal personal information.

What are scammers after?

• Passwords
• Financial Information
• Identities 
• Protected Health Information
• Money

How can I identify phishing emails?

Identifying and handling potentially dangerous emails at SIU.pdf

• Forceful/faked urgency to get you to respond before you think
• Offer a prize or reward to tempt you to click on a link
• Ask you to provide your password or other confidential data for security purposes
• Website addresses that are similar to, but not the same as the real thing, e.g.
  • www.g00gle.com vs www.google.com
  • www.twiter.com vs www.twitter.com
  • www.siumed.com vs www.siumed.edu
• Use “masked” links that look like a trusted website address but take you somewhere else when clicked
  • Top tip – hovering over a link should display the actual address
• Emails that appear to come from a senior employee at your organization
• Poor spelling and/or unusual grammar

How do I report phishing emails? 

Forward phishing emails to abuse@siumed.edu

What if I can't tell if the email is phishing?

Contact techsupport@siumed.edu / 217-545-HELP

What should I do if I fall for a phishing email? 

Contact techsupport@siumed.edu / 217-545-HELP

SIU users who fall victim to phishing attacks are responsible for their actions! 

Should I report phishing to law enforcement?

Information Technology works with local, state and federal law enforcement as required to report and respond to phishing attempts.