Skip to main content

Watch out for phishing lures

Important Notice (Updated Aug. 31): Several university employees have received a phishing email that requests them to review a DocuSign document concerning a payroll system update. The phishers sent this email from a Microsoft Outlook account. NC State will never deliver official university communication in this manner. Do not click on any links in this email, and read all of your emails carefully.


Imagine you’re out for a walk when a stranger approaches, offering you a job and requesting personal information. Would you give it to them? Although the answer seems obvious, members of the Pack have surrendered personal information to online strangers for similar reasons and subsequently fallen victim to phishing attacks.

Cybercriminals called “phishers” cleverly craft email, text and instant messages to mimic the people and organizations you know and trust to trick you into releasing sensitive information such as your login credentials and credit card numbers. They use that information to steal your money, identity and additional login credentials. 

The beginning of the fall semester is phishing season for scammers, so you need to be on guard and follow these security tips:

Know a phishing lure when you see one
In the recent past, phishers have: 

  • Sent targeted emails to campus IT users requesting gift cards, purportedly from a university supervisor or colleague.
  • Mostly targeted students and employees with lures of job openings and alerts regarding citizenship status and student loans, often demanding urgent responses for passport information, login credentials, Social Security numbers and account numbers. 
  • Introduced another sneaky way to steal login credentials — sharing Google or Microsoft documents that appear to be from someone you know while requiring login credentials to view them. 
  • Stolen login information from NC State campus members using fake NC State Shibboleth login pages and fraudulent Duo Security push notifications

Take Google and Jigsaw’s interactive phishing quiz to test your ability to identify suspicious emails.

Scrutinize the sender’s email address

  • Before clicking a link, opening an attachment or replying to a message, be certain you recognize the sender’s email address and that every part of it is correct. For example, don’t fall prey to an email from unityID-ncsu@my.com when you know it should be from unityID@ncsu.edu.
  • In every email message, you can determine who the real sender is by clicking the down arrow under the sender’s name (to the right of the “to me” text). You can also verify senders by contacting them via trusted methods such as text, phone call or chat messaging.

Verify before you click

When in doubt, don’t click any links or open any attachments. Instead, contact the sender using a trusted method and ask if they sent the message in question. 

If you have concerns or questions about suspicious messages you’ve received, search the Knowledge Base in the NC State IT Service Portal or call 919.515.4357 (HELP).

Hover over links and proceed with caution

Hover your cursor over a suspicious link to see what the real link address is — you’ll see it displayed at the bottom left of your browser window. Often, phishing tactics use false URLs that look the same initially but have suspicious addendums or small changes. Phishers are hoping you won’t notice. 

For example, instead of a legitimate www.lookingforphishing.com/dont-get-phished URL, slightly different look-alikes could be:

  • www.lookingforphishing.com.fakeuout.co/dont-get-phished
  • www.lookingfor–phishing.com/dont-get-phished 

Beware of suspicious emails

In some cases, phishing emails may be vague or sound “funny” while sometimes containing errors in spelling and grammar. They often threaten you with punitive actions unless you provide sensitive data immediately.

Never share sensitive data

No matter how “official” an email, phone message or text appears, legitimate organizations never ask for sensitive personal information such as passwords or account numbers via those means. 

Use Gmail and review suspicious activity

Whenever possible, view all university emails using Gmail (Gmail mobile or mail.google.com). Gmail flags suspicious messages with warnings. Also, check your last account activity for any unusual or unauthorized actions. 

Report phishing emails

While you may want to warn your friends and co-workers about a phishing attack, don’t forward phishing emails to anyone. Instead, report phishing emails. In your Gmail message, select Report phishing from the three-dot menu in the top-right corner. See Avoid and report phishing emails.

Keep up with phishing trends and tactics

Pay attention to articles and alerts concerning current phishing scams, especially during certain times of the year such as tax season. See IRS Tax Scams / Consumer Alerts

For news about threats to the campus community, check the Cybersecurity in the News section of Cybersecurity at NC State for ongoing updates.

Use the right antivirus software

Viruses are only one type of malware, so use an NC State-recommended antivirus solution to protect your devices from worms, spyware and adware.  

Turn on 2FA

Consider using two-factor authentication (2FA) for your personally owned accounts, including your email, banking and social media accounts. 

For additional information on phishing and computer safety, refer to the following resources:

If you have any questions, contact your local IT support staff or the NC State Help Desk via the NC State IT Service Portal or call 919.515.HELP (4357).