You've Been Phished

How to Detect a Phishing Attack

  • Messages creating a tremendous sense of urgency.
  • Look for typos or discrepancies in logos.
  • Pressure to bypass or ignore our security policies or procedures.
  • Read URLs from left to right, the last address is the true domain, for example might look like it will take you to Amazon’s website, but in fact it will take you to
  • Offers that seem too good to be true.
  • Generic greetings such as "Dear customer" or "Dear Member"
  • Emails that are work related but are sent from a personal email address, such as or
  • Websites that claim to be secure but do not use HTTPS.
  • Requests for sensitive data such as credit card numbers or account passwords. 
  • The tone or wording of the message does not sound like the sender.
  • Sites that begin with an IP addresses instead of a domain name.

Security Recommendations

 ITS Information Security strongly recommends the following for you:

Think before you click! If you suspect a phishing attack, report it immediately to