ITS News

Information Technology Services

Illustration showing a representation of an email being caught on a fishing hookPhish·ing  \ˈfi-shiŋ\  noun

The act of deceiving an online user in order to gain private information by posing as a legitimate company.


Since the COVID pandemic began in 2020, phishing attacks and scams have thrived. Today, phishing attacks account for more than 80% of reported security incidents

Do you know how to recognize phishing emails? 

Phishing emails commonly…

  1. Create a sense of urgency
    Attackers want to make you panic so that you are more likely to make a mistake. Example: Subject of an email is “Urgent: Your Accounts Needs Updating.”

  2. Ask for personal info
    An attacker’s goal is to get your personal information like passwords, tax ID numbers, and bank account information.

  3. Use misleading URLs
    Attackers will disguise hyperlinks to their malicious sites that look very close to the links for trusted sites and  services.

    Before you click on a link, hover your cursor over the link to see where it goes. If it looks odd, do not click on it!

  4. Have poor spelling and grammar
    Many phishing attempts are poorly written and have numerous misspellings.
An image on an email showing examples of Creating Urgency, asking for personal info, misleading links, and bad spelling grammar.

Think before you click on any suspicious emails, links, or attachments and make sure to report any suspicious emails if you can.

Learn more about protecting yourself against phishing attacks.