Information Technology Services LMU.edu
Apply Visit Give
Apply Visit Give
Information Technology Services LMU.edu
Apply Visit Give
Apply Visit Give
Information Technology Services > Secure IT > Cybersecurity at LMU > Phishing > You've Been Phished

You've Been Phished

How to Detect a Phishing Attack

  • Messages creating a tremendous sense of urgency.
  • Look for typos or discrepancies in logos.
  • Pressure to bypass or ignore our security policies or procedures.
  • Read URLs from left to right, the last address is the true domain, for example https://store.amazon-    com.example.com/index.html might look like it will take you to Amazon’s website, but in fact it will take you to example.com.
  • Offers that seem too good to be true.
  • Generic greetings such as "Dear customer" or "Dear Member"
  • Emails that are work related but are sent from a personal email address, such as hotmail.com or gmail.com.
  • Websites that claim to be secure but do not use HTTPS.
  • Requests for sensitive data such as credit card numbers or account passwords. 
  • The tone or wording of the message does not sound like the sender.
  • Sites that begin with an IP addresses instead of a domain name.

Security Recommendations

 ITS Information Security strongly recommends the following for you:

  • Visit the ITS Information Security Phishing page to learn more about how to recognize these phishing emails and protect yourself and our organization from getting hooked.
  • If you have not taken the ITS Information Security and Awareness Training, now is a great opportunity to reinforce your security awareness. Click here to star.

Think before you click! If you suspect a phishing attack, report it immediately to servicedesk@lmu.edu