How to Identify a Phishing Attack

Attempts to gain access to one’s account information, known as phishing, have increased dramatically with the increased use of cloud resources. It is often difficult to tell the difference between a legitimate notice and emails that are phishing for your account information. If you would like to read more about what is phishing, please click the previous link.

It used to be that you could simply judge the validity by reviewing the grammar of the message. Now a more critical eye is needed.

Recent Example

Below is a sample of a phishing attempt that recently spread across campus. As you can see, it seems fairly legitimate, until you put it through the three step test.

How to identify phishing emails

Three Quick Checks

Below are three quick checks you can perform to help judge the validity of a message regarding your Albion Account.

  1. What are from: and to: fields? - If they are the same or you are not the only recipient you should be skeptical. Information Technology communicates only with individual users about their account's credentials, we will not send out bulk email about one's account.
  2. Is there a link in the message that points somewhere other than the identified URL? It is most likely a phishing attempt. The URL of the Albion Password Change Form is and is the only page we would direct you to use to handle an account password issue.
  3. Is the message signed generically or is there an individual that you know sending the message? - When handling issues regarding Albion account information, you will be contacted directly by Information Technology, and we will always sign the message from a particular staff person.
  4. If you receive a message about your Albion Account from anyone not known to be in Information Technology you should question the validity of the message.

It is also common practice when we send you a message about your account to provide an alternative contact method, normally calling the Help Desk at (517) 629-0479, to confirm the accuracy of the information. Messages without alternative contact information should be handled with suspicion.

What to Do?

When you determine a message is phishing, the best course of action is to report it as phishing within Gmail. This will decrease the chances of the message landing in other’s inbox.

If you are a victim of a phishing attack and provide your account information, the first step is to change your password. The page you need to visit to change your e-mail password is: Changing your password terminates the access gained through a phishing attack.

As always, should you have questions about phishing or how to more safely navigate this cloud based world, please contact the Help Desk.