Updating...
Skip to main content
(opens in a new tab)
Filter your search by category. Current category:
All
All
Knowledge Base
Service Catalog
Search the client portal
Search
Sign In
Show Applications Menu
Client Portal
Sign In
Search
ITSC Home
Services
Knowledge Base
More Applications
Skip to Knowledge Base content
Search
Articles
Blank
Knowledge Base
Security
Phishing
Phishing Best Practices
Phishing Best Practices
Tags
Canvas
Security
phishing
identity
Examples of Phishing Attempts You May See
Fake security alerts/urgent password reset requests:
Log directly into an application, such as Canvas, to check access and view any notifications on the application. If you’re unable to access the application, please contact Technology Support to manage your password, MFA and account recovery options.
Ransomware or extortion scams:
Do not click any links. Report the scam to the college's Information Security Office using the
Phish Alert Button
. As a best practice, do not forward suspicious messages or emails, instead take a screenshot and use that to report any potentially harmful communications.
Impersonation attempts:
Do not respond to
anyone
(e.g., instructor, Instructure (Canvas’ parent company), etc.) asking for your
personal information, account information, or credentials or asking you to click on links
. If you are concerned, verify with a reliable resource using a known phone number, website, or known email address.
Fake assignment links:
Log directly into applications like Canvas to review assignments.
Fake grade notices:
Rather thank clicking the link, log directly into the application to review your grades.
To Avoid Being Phished
Secure your password
: Keep your password private.
Slow down
: Don’t let urgency push you into a hasty click. Read carefully. If a message contains an emotional appeal, like a threat intended to scare you or inform you that your account will be disabled, it may be a scam.
Hover before you click
: Hovering over a link reveals the real destination URL (website address). Only click on or download email attachments from people or colleagues you know.
Don’t click on unfamiliar links
: Visit official company websites by typing their URL directly into a browser.
Don’t reply
: Don’t reply directly to a suspicious message or use the contact information it provides. Follow up using a different, trusted means of communication, like calling a verified number, starting a new message thread to a known address or visiting a valid website.
When in doubt, report it
: It’s always safer to report a suspicious message. This may seem counterintuitive, but messages that have been reported as phishing can always be retrieved if identified as false positives.
Sign in to leave feedback
0 reviews
Blank
Blank
Blank
Blank
Print Article
Related Articles (1)
Phish Alert Button (PAB)
Deleting...