Tips on How to Spot Phishing Scams
We are experiencing an ongoing cyber attack in which an attacker targets students to compromise banking details. In these fake messages, victims are asked to complete a Google Form, similar to the one below.
How to Stay Safe:
Do not provide passwords or banking details in Google Forms, or in any other forms you do not trust. When in doubt, call the IT Help Desk before proceeding. See Example of a google form used in a phishing attack. No one at Adelphi will ever ask for your password. Always sign in to eCampus via Single Sign On.
Check the bottom of any google form to see what Domain is hosting it, in this case it was NOT from Adelphi. Again no one at Adelphi will ever ask you to provide your password, ever.
Set up multiple recovery factors.
Change your password immediately if you suspect that somebody may have accessed your account without your permission and let us know by calling the IT Help Desk, or by emailing abuse@adelphi.edu.
Do not respond to any suspicious emails and never open email attachments or click on links if you find the content unexpected or untrustworthy. Emails from Adelphi officials will always come from an @adelphi.edu address.
If you are on a laptop or a desktop, always check the actual URL before clicking by hovering over it and looking in the lower left of the browser window. This shows that it is NOT going to Adelphi. For example, in a recent phishing attack shown below, it may seem that you are directed to a page hosted by Adelphi, but when putting your mouse over the link and check, it shows that you are going to a different one. This might be difficult to see on a mobile device.
Official Emails from Adelphi only come from @adelphi.edu addresses. If the sender has a @mail.adelphi.edu and claims to be official, it is likely coming from somebody else.
Official messages will only be sent to an individual student or an official list. This example shows hundreds of other addresses on the same message sent from a student account. Again the link does not go to Adelphi and the phone number is not correct either.
Review our website for practical tips on identifying and handling phishing attempts.
Reminder
As of Monday, August 19, 2024, all access to Gmail accounts used by students and alumni will require multifactor authentication. Please strengthen your security now by setting a new password and by ensuring your recovery methods are up to date.
Responded to a Phishing Email? Here’s What to Do Next
- See Steps to Report Phishing using Google
- Reset your password if you responded to any suspicious messages.
- Call our IT Help Desk at 516.877.3340 for assistance
While our IT team works hard to keep our network secure, some threats can bypass our defenses. Please remember that Adelphi IT will never ask for your password or sensitive information via email, phone, or Google Form.
If you have any questions or concerns about this incident, please contact us.