Skip to Main content

What is Phishing?

Phishing is usually an attempt to deceive you into thinking a legitimate organization is requesting information from you. These requests for information may look innocent at first glance or may seem to come from a legitimate source, but do not. These scams request you reply to an email, respond to a request by phone, or follow a link to a web site. 

Email phishing attempts often give clear indications that the request is not legitimate and we will show you some examples on this page.  Links to web sites (sent to you through email) often take you to web pages that look very similar to the legitimate service the email is faking. Banks, E-bay, and online e-cash services like Paypal are common targets; however, phishing attempts are sometimes targeted against specific groups or lists of individuals and are called “spear phishing.”

What does a Phishing email look like?

Phishing emails often attempt to use emotional triggers to get you to react quickly without thinking through whether you should respond, such as dire language about time limits, loss of service, penalties, or language targeting a desire for money. They often have grammar, spelling, and syntax errors, and phrasing that a native speaker would not use. 

An example would be an email with a generic greeting warning of a change in an account requiring you to verify your account information. These emails typically include directions to reply with private information, or provide a link to a web site to verify your account by providing personal information such as name, address, bank account numbers, Social Security numbers, or other sensitive personal information.

Indicators of a phishing email:

Will ASU send legitimate emails that look like phishing scams?

The short answer is NO.  There will be times when legitimate messages must be sent to inform our email users of various issues. These may include password expiration notices, inactive account removal, or cases of account abuse. However, it is very important to remember that the ASU Information Technology department (to include the Technology Service Center) will never ask for your password in an email. If you are ever in doubt about the legitimacy of an email, call the Technology Service Center at 325-942-2911.

Why can’t ASU stop these emails?

ASU stops thousands of phishing attempts, spam emails, and virus infected messages every day, but the methods scammers use change very quickly.  Due to the variety of use for ASU email, we must also be careful not to implement filtering which may block otherwise legitimate email.

How can I avoid phishing scams?

What should I do if I have been scammed by phishing?

Visit the FTC web site for more information on Identity Theft.

Where can I get more information?

Indicators of a phishing email

Other security concerns you should know

Make sure you safely use your mobile devices (cell phones, laptop, iPad, etc.) and avoid illegal sharing of protected intellectual property.