Phishing
Unfortunately, Phishing is a common experience for email users these days. Swarthmore email users often receive requests for their network/email passwords, user IDs, and other private data. Some of these emails can be very convincing and appear to be from Swarthmore faculty, staff, or students. It's important to realize that the "From:" address in any email can be easily forged. A common tactic in phishing emails is to try and create a false sense of urgency or fear
. They accomplish this by using words like “urgent” or “action required” and may even threaten account closures or fees if you don’t click on links, open attachments, or respond with requested information.
To see some of the most recent phishing attempts targeting the campus community, go visit the "Phish Bowl" at https://www.swarthmore.edu/PhishBowl
However, you should know that ITS will NEVER, ever request your password! Emails requesting your password or other personal data should be forwarded to phishing@swarthmore.edu so that ITS is aware, and then deleted.
There are three additional tips that should help you recognize phishing emails:
- ITS will NEVER threaten you in an email (e.g., if you don't click, you will lose access, etc.)
- Emails actually sent by ITS will never end up in your "Spam" folder
- If you're still not sure, you can forward the email to phishing@swarthmore.edu
or at least manually enter the URL of the target site into your browser.