What is a Phishing Email?
(and what harm can it cause)
Phishing scams entail scammers sending false email messages that seem to come from reliable sources, like a colleague, a manager, or an external company you do business with.
Phishing attempts are not limited to email messages. SMS phishing (known as “smishing”) is the term for phishing that takes place over text messages (SMS).
Scammers trick you into disclosing your username/email address and password by getting you to click on a link to a fake website, or open an attachment on your phone, tablet, or computer.
Malicious emails like this negatively affect the security of Fanshawe’s network as well as Fanshawe’s world-wide reputation. It is important to always use caution while reading, replying to, and clicking on links within emails.
Please DO NOT CLICK on any unsolicited email links that ask for your login details or ask you to update your credentials from sources or people you do not recognize.
In addition, some phishing emails will not offer malicious links, but will masquerade as a Fanshawe employee asking for help. Generally, that help will be a request to purchase gift cards and to send the card information back via email but can also be in the form of joining other dubious money schemes.
If you’ve received a scam email, the best thing to do is to immediately place the email in your junk folder or delete it.
If the sender is a colleague, you can notify them that you received a phishing email from them.
Note: please do not respond back to the email you received or try to send a new email. Please contact them some other way (phone call, in person, etc.)
You’re done! Thank you for not clicking on any links or replying to the email!
If you replied to a phishing email but did NOT click on any links, you have less to worry about. However, it is possible that you’ve increased your changes of being targeted by attacks in the future.
It is especially important to ensure you have a STRONG password and strong answers to your challenge questions (answers that are very hard to guess).
If you’ve clicked on a link within a scam email, more than likely the next screen you will see will prompt you to enter your credentials. This may look like Microsoft login screen or something that looks familiar to you. You may have attempted to log into this screen under the impression it was legitimate. Even if you did not enter your credentials, or you entered them incorrectly, or you got an error, the next step is to ALWAYS change your password.
Please go to Password.FanshaweC.ca and click Go to Reset Tool.
It is also HIGHLY recommended to update your Challenge Questions as well.
There are also some other areas to check to ensure no unwanted changes have been made to your account.
- Please check your email rules within Microsoft Outlook and Office.com.
If you have any rules listed that you did not create, please delete them.
- Another suggestion is to run an AntiVirus scan on your computer.
If this is a Fanshawe-Provided computer, please locate the TrendMicro agent (located near your clock) and select Scan. This will initiate a manual scan to run. Please select your whole computer and allow the scan to complete. This will ensure nothing is running on your computer that should not be.
Recommended Prevention Steps
MFA (Multi Factor Authentication) is an important prevention method to make it harder for scammers to gain access to your account.
If you do not already have MFA enabled, please reach out to the IT Service Desk and we will enable this for your account and go through the first time setup.
If in doubt – Reset your password!
Disclaimer: Please be aware that no step listed below is a prefect resolution to resolving phishing email issues. While these steps may not be 100% effective, they are regarded as best practice in the prevention and resolution of phishing/scam emails and unwanted account access.