Be a Wolf, Not a Phish: Three Tips to Avoid Phishing Scams
The start of a new semester is peak time for phishing scams. As scams get more sophisticated, they get harder to spot.
Phishing comes in many forms — like email, text or even documents shared through Google Drive. Scammers try to trick you into clicking links that download harmful software onto your device or send you to a fake website or Shibboleth login page to steal your personal information or sensitive university data.
Common scams that target our campus community include:
- Docusign payroll scams
- Offers for free pension reviews
- Job offers for students that seem too good to be true
To avoid these and other phishing scams, keep the following tips in mind:
1. Be Suspicious
- Be wary of anyone asking for your contact, financial or login information.
- Assume that any threat or request for money is a scam. Do not respond or send payment.
- Always verify the email sender’s address, even if it seems familiar.
2. Take Your Time
- Think before you open an attachment, click a link, provide your username and password, or approve a Duo Security notification.
- Carefully examine all URLs before clicking them.
- Slow down and keep an eye out for an unusual sense of urgency, awkward wording and misspellings.
3. Ask for Help
- If you think you’re being targeted by a scam, get a second opinion from someone you trust.
- When in doubt, report:
- Contact the NC State Help Desk via the NC State IT Service Portal or call 919.515.HELP (4357).
- Send suspicious emails to phishing@ncsu.edu.
- Use Google’s built-in reporting feature. Open the suspicious email on a computer, click the More option (three vertical dots) at the top-right corner and select Report phishing.
For monthly tips to help you stay safe online, subscribe to OIT News.
- Categories:
