Is it Phishing

Attempts to gain access to one’s account information, known as phishing, have risen dramatically with the growing use of cloud resources. It is often difficult to tell a legitimate notice from an email that is phishing for your account information.

It used to be that you could simply judge the validity by reviewing the grammar of the message.  Now a more critical eye is needed.

Recent Example

Below is a sample of a phishing attempt that recently spread across campus. As you can see, it seems fairly legitimate until you put it through the three-step test.

Is it phishing?

Quick Checks

Below are three quick checks you can perform to help judge the validity of a message regarding your Allegheny Account.

  1. What are the From: and To: fields? – If they are the same, or you are not the only recipient, you should be skeptical. Information Technology Services (ITS) communicates only with individual users about their account credentials; we will not send out bulk email about one’s account.
  2. Is there a link in the message that points somewhere other than the identified URL? – If so, it is most likely a phishing attempt. The URL of the Allegheny Password Change Form is https://accounts.allegheny.edu/pw_change_page.php and is the only page we would direct you to use to handle an account password issue.
  3. Is the message signed generically or is there an individual that you know sending the message?  –  When handling issues regarding Allegheny Account information, ITS contacts individuals directly and will always sign the message from a particular staff person.  If you receive a message about your Allegheny Account from anyone not known to be in Information Technology Services (ITS) you should question the validity of the message.

It is also common practice when we send you a message about your account to provide an alternative contact method, normally calling the ITS Help Desk at 332-2755, to confirm the accuracy of the information.  Messages without alternative contact information should be handled with suspicion.
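The first two quick checks can also be applied mechanically to a saved message. The script below is an added example, not an ITS tool: the function name, finding labels and sample message are constructed for illustration, and it assumes a single-part HTML body.

```python
from email import message_from_string
from email.utils import getaddresses
from html.parser import HTMLParser
from urllib.parse import urlsplit

OFFICIAL_FORM = "https://accounts.allegheny.edu/pw_change_page.php"  # from the page

class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def quick_checks(raw_message):
    """Apply quick checks 1 and 2; assumes a single-part HTML body."""
    msg, findings = message_from_string(raw_message), []
    senders = {a.lower() for _, a in getaddresses(msg.get_all("From", []))}
    rcpts = {a.lower() for _, a in getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))}
    if senders & rcpts:        # check 1: From and To are the same address
        findings.append("from-equals-to")
    if len(rcpts) != 1:        # check 1: bulk mail or hidden recipient list
        findings.append("not-sole-recipient")
    collector = LinkCollector()
    collector.feed(msg.get_payload())
    for href, text in collector.links:
        if urlsplit(text).hostname not in (None, urlsplit(href).hostname):  # check 2
            findings.append("link-text-mismatch")
        if href != OFFICIAL_FORM:  # the only page ITS directs users to
            findings.append("link-not-official-form")
    return findings

# Constructed sample, not the message that circulated on campus.
SAMPLE = """\
From: "IT Help Desk" <staff@example.edu>
To: staff@example.edu
Content-Type: text/html

<a href="http://login.example.net/r">https://accounts.allegheny.edu/pw_change_page.php</a>
"""
```

An empty result does not prove a message is legitimate; the signature check and the call to the ITS Help Desk still apply.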

What to Do?

When you determine a message is phishing, the best course of action is to report it as phishing within Gmail. This will decrease the chances of the message landing in others’ inboxes.

If you fell victim and provided your account information, the first step is to change your password. The Allegheny Password Change form is available at: https://accounts.allegheny.edu/pw_change_page.php. Changing your password terminates the access gained through a phishing attack.

As always, should you have questions about phishing or how to more safely navigate this cloud-based world, please contact the ITS Help Desk.