Phishing Alert | “CAMPUS SECURITY NOTIFICATION”

Posted February 14, 2017 by Academic and Institutional Technology
Tags: Phishing Attempts

Phishing Alert | “CAMPUS SECURITY NOTIFICATION”

Effective Date: February 14, 2017

Some employees and students recently received an email claiming to be a security notification from Wheaton College Campus Security. The email includes a hyperlink to a protocol outline that the recipients are supposed to open.

This email is a phishing attempt. Do not click the link. Thank you to all who reported this scam.

If you responded to this scam, please contact us at 630.752.4357 (HELP).

How to Spot a Phishing Attempt

The image above is a screenshot of this phishing attempt. Several things indicate that this email is not what it claims to be:

1. The email claims to be from the Wheaton College Campus Security Board, but was not sent from a @wheaton.edu email account.
2. The subject line is in all caps. While subject lines like this don’t always indicate a phishing attempt, it’s still a sign to be more cautious than usual. All-caps are often used to provoke a sense of urgency that could override healthy caution.
3. The email is very ambiguous about the alleged “recent security concern,” and prompts the recipient to follow the link to find more information.
4. Check to see if the URL matches the supposed sender. You can often hover over links to see the URL. This email claimed to be from Wheaton College, but the link directed people to an unrelated website.
5. A legitimate email from Wheaton College should include contact information such as an email address and phone number for the department sending the email.

Always exercise caution when responding to emails. If you're not sure whether an email is a phishing attempt or not, contact us by email at ait.service.desk@wheaton.edu or call 630.752.4357 (HELP).