Email Phishing

What is Phishing

Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, banks, online payment processors or IT administrators are commonly used to lure unsuspecting public.As a general rule, never send sensitive personal information such as Social Security numbers or credit card numbers via email: only use properly secured methods for transmission of such data.  Never give your account password to anyone.  Never click on links in emails received, unless you verify that the sender is who they claim to be and that they acknowledge sending you the email in question.More information about Phishing can be found at:http://en.wikipedia.org/wiki/PhishingThere is a chance that the individuals that compromised your account made changes to your mailbox that will cause you to miss important emails. Please follow these steps to ensure that your account is functioning normally.

Examples of Phishes that have been received at Vanderbilt

Below is one of the messages that have been received at Vanderbilt. The message looks legitimate on the surface, but the links in blue lead to a site that is not hosted at Vanderbilt. To see where a link actually goes to simply hover over it with your mouse. Example LinkPhishing Example

How do I report a phishing attack

If you have received a phishing email, please report it to VUIT Information Security by one of two methods:

  • Using the Outlook email client, select the “Report Message” button in the ribbon at the top, then select “Phishing.”
    Report a message
  • If you are not using Outlook, or the button is not available, please send the phishing email (as an attachment) to phishing@vanderbilt.edu.

If you have any questions, email them to phishing@vanderbilt.edu, or contact VUIT Support at 615-343-9999.

What do I do if I think my account has been compromised

There are two mail areas of concern when your account is compromised: your ePassword and your email account.If you suspect someone knows your ePassword you need to change it immediately going to the “Change My Password” button on the VUIT website.

  1. Check for mailbox rules that delete all new messages. Using outlook or OWA perform the following steps to check your mailbox rules.
  • OWA
  • Go to Options in the top right corner and select “Create an Inbox Rule”
  • Review the list of rules that you have to ensure there is no rule that automatically deletes messages. When you click on a rule you will see the actions on the right side of the page. If the rule says “Apply to all messages” and “delete the message” remove it.
  • Look in your deleted items folder for messages that you may have missed because they were automatically deleted.  You can simply drag the messages from the deleted items folder to your inbox.
    • Outlook
    • Click on “Rules” on your ribbon bar.
    • Select “Manage Rules & Alerts”
    • Look for a rule that does the following
      • If the rule says “Apply to all messages” and “delete the message” remove it.
      • Click “Ok”

Once the delete rule has been removed from your mailbox your new messages should be delivered to your inbox as expected.

Explore Story Topics