Home / Information / Protecting Against Phishing

Protecting Against Phishing

What is Phishing?

Phishing, in a nutshell, is the online version of a con-job. The perpetrators of phishing messages are essentially tech-savvy con-artists. In a phishing scam, these con-artists send out messages and emails that "look" legitimate, hoping to trick the unsuspecting user into giving out their personal information, including usernames and passwords, and allowing the perpetrator to conduct identity theft.

Phishers use a variety of methods and devices to steal information besides e-mail. This can include pop-up windows, URL masks which simulate real Web addresses, and keystroke loggers that capture account names and passwords. Even text messaging on cell phones have been used by these perpetrators to phish for your information.

Protecting against phishing

To protect yourself against phishing, follow these tips:

  • Always be suspicious of messages asking you for your personal information.
  • Never be pressured into giving out your personal information online or over the phone. It is common for phishing messages to contain threats like losing your access to an account.
  • If the message looks suspicious, contact the school/business/agency/merchant directly using a separate means of communication for confirmation. (e.g. call the phone number of your local bank branch to verify)
  • Never submit online forms embedded directly in e-mail messages.
  • Never open the attachment in an e-mail message that you are unable to verify.
  • Never open the links embedded within the e-mail message. Instead, open a new browser window and type in the URL for the website.
  • Spam and Phishing - Best Practices for Executives

ASU & Phishing

ASU will never send emails asking for your password or login information.

Beware of emails that ask your for personal or login information. Spammers and phishers do not typically target particular people but instead send generic “customer” messages to a large number of individuals with the goal of compromising a few accounts, access information that is personal, professional, or financial. If you have received a message that matches or looks similar to one listed here, please take caution.  We have denoted the latest phishing emails with a *NEW* marker.  These will be marked with the date they were originally reported to the ISO

If you are in an Exchange (Outlook) environment, add the sender to your block list.  If you are in a Gmail environment, click the arrow next to reply and click 'Report Phishing'.  If you received a suspicious email that does not look like anything on this page, please send the headers to InfoSec@asu.edu