You have probably been told in the past not to click links in emails from unknown sources, and you probably follow that rule to the letter. Phishing attempts become more legitimate-looking every day.
When thinking about whether to click on a link, please remember these basic rules (explained in more detail in this Wired.com article):
- Always think twice before clicking a link in an email
- Consider the source (first, look at who sent the email, then hover over the link– but don’t click!– and see if the link leads to a website you recognize and trust)
- Report phishing attempts, or suspected attempts, to email@example.com
Some recent items we have noticed in phishing attempts include the following:
- Email addresses that look like OSU emails, but if you search the names at osu.edu/findpeople, no results will come up
- Use of OSU logos, legitimate-looking email layouts, and legitimate email addresses/websites listed under the signature or in the header
- Simple-looking emails that ask you to click a link to “validate” or “secure” your email, storage, or other information
- Emails that look like they are written by a friend/colleague but with unknown email addresses or referring to a conversation you never had
Below are some recent examples that faculty and staff at the College of Nursing have reported. Click on the image to view it full-size.
Examples of Recent Phishing Emails
Thanks for reading! Please remember to always consider the source and hover over links before clicking them. When in doubt, don’t click! Forward any suspicious emails to firstname.lastname@example.org