What is phishing?
A phishing message presents an innocent-looking but dangerous request to share information, open a file, or run a program. The message may appear urgent or subtly enticing, but the goal is the same -- to make money from your information, accounts, or computer for cybercriminals.
How can you avoid being phished?
A 2009 research study showed that 45% of people directed to a fake website by a phishing scam enter their account password. These people were fooled by the fake message and fooled by the fake website! Learn these two skills for all emails and websites to avoid the dangers of phishing:
1) Check Before Acting On Unexpected Email Requests
Whenever you receive an unexpected email request, especially one that is urgent or enticing, use common sense to evaluate the message:
- If it seems suspicious - just delete it!
- If it seems likely to be real (or you can't decide) - contact the sender to confirm it!
Remember: Let your common sense guide you as to whether the message seems suspicious or real when you receive an unexpected email request, then act accordingly.
2) Check Before Entering Your Password
Whenever you need to enter your password, don't enter your password, unless the website has the following:
- Encryption - the web address must show https or the lock icon
- Matching Domain - the web address should match the organization
Remember: Do these two quick checks every time before you enter a password, just like you always quickly check your mirrors before changing lanes on the road.
What else should I know about phishing?
Find out more about how to protect yourself from phishing.
Should I forward a phishing email? How do I report it?
Generally, we want you to delete phishing messages, not forward them. Forwarding has many problems, including: it is potentially dangerous and doesn't provide enough information about the phish. To safely and effectively report a phish, you can use the Phish Alert Button: This button appears above your mail message when you are signed into Chrome Browser with your Pepperdine account.
- Bring the message on screen
- Look for the orange fish hook above the message.
- Click the hook to report and dispose of the message.
For more information on the Phish Alert Button, read our Phish Alert Google Doc (requires Pepperdine Google Workspace access).