Beware of University Phishing

A fish being lured by an email envelope on a hook
November 12, 2024

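Phishing is a common cyberattack in which attackers impersonate legitimate organizations or individuals to trick victims into revealing sensitive information such as usernames, passwords, financial details, or personal identification numbers (PINs). The most common method of phishing is via email, though phishing attempts can also come via text messages ("smishing"), phone calls (voice phishing or "vishing"), and even social media messages.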

Phishing emails often look like they're from trusted sources (like Weber State's IT department, a well-known service provider, or a campus organization), and they may include requests for personal information, account verification, or immediate action on an account. These messages usually try to create a sense of urgency, fear, or excitement to push the victim into responding quickly.

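How to Spot Phishing

Spotting phishing isn't always easy, but several signs can help you identify a malicious email or message. Here are some common red flags to watch for: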

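  • Suspicious email addresses and domains - Legitimate university communications will always come from an official university email address (e.g., [email protected]). Phishing emails often come from addresses that closely resemble, but don't exactly match, official domains (e.g., @weber.com, @univeristy.edu or @weber-accounts.com).
  • Generic greetings - Phishing emails often begin with generic phrases like "Dear Student," "Dear User," or "Dear Sir/Madam," rather than addressing you by your name. The university may send bulk email, but legitimate messages usually include your specific name or student number in the greeting.
  • Suspicious links - Hover over any hyperlinks in the email (don't click!) to see where they lead. Attackers often disguise malicious links as legitimate URLs, but they may point to an entirely different website. For example, a link that says "Click here to verify your account" might actually direct you to an unrelated site designed to steal your login credentials. Often these links take you to a site that looks familiar, such as a Weber State University login page, or even a Google Form that appears to come from the university.
  • Urgent or threatening language - Phishing messages often create a sense of urgency. Phrases like "Immediate action required," "Your account will be suspended," or "Verify your information within 24 hours to avoid consequences" are typical tactics used by attackers. Weber State University rarely, if ever, sends threatening messages like these that demand immediate action.
  • Spelling and grammar errors - Many phishing emails contain spelling, grammar, and punctuation errors. Official communications from the university are typically proofread several times and well-written, so any odd phrasing or inconsistencies in formatting are red flags. Keep in mind that with the arrival of AI tools, spelling and grammar errors may be less obvious.
  • Unusual attachments - Phishing emails may contain attachments that seem out of place, such as unexpected invoices, forms, or documents. Treat any attachment you weren't expecting with care, especially when the email asks you to open or download a file from an unfamiliar sender.
  • Too good to be true - If you receive an email offering something that sounds too good to be true, such as a scholarship, a free laptop, or an unusual prize, be wary. Phishing often poses as a prize notification or a fake scholarship offer to lure you into revealing personal information.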
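
The sender-domain and link red flags above can be checked mechanically. The following Python code is an added example, not part of the original article or any university tooling: it classifies a sender address against the official domain and lists links whose real destination leaves that domain. The function names, the 0.8 similarity threshold, and the sample addresses and message body are assumptions constructed for illustration; `weber.edu` is taken from the URLs on this page.

```python
import difflib
from html.parser import HTMLParser
from urllib.parse import urlparse

OFFICIAL = "weber.edu"  # official domain as it appears in this page's URLs

def is_official(host, official=OFFICIAL):
    return host == official or host.endswith("." + official)

def classify_sender(address, official=OFFICIAL):
    """Return 'official', 'lookalike' or 'external' for a From: address."""
    domain = address.rsplit("@", 1)[-1].strip("<> ").lower()
    if is_official(domain, official):
        return "official"
    brand = official.split(".")[0]  # "weber"
    similarity = difflib.SequenceMatcher(None, domain, official).ratio()
    # Brand name inside another domain, or a near-miss spelling of the real one.
    # The 0.8 threshold is an assumption chosen for this example.
    return "lookalike" if brand in domain or similarity >= 0.8 else "external"

class LinkCollector(HTMLParser):
    """Collect (visible text, href) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, ""
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", ""
    def handle_data(self, data):
        if self._href is not None:
            self._text += data
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._text.strip(), self._href))
            self._href = None

def suspicious_links(html, official=OFFICIAL):
    """Return (visible text, real host) for links that leave the official domain."""
    collector = LinkCollector()
    collector.feed(html)
    hosts = [(text, (urlparse(href).hostname or "").lower())
             for text, href in collector.links]
    return [(text, host) for text, host in hosts if not is_official(host, official)]

# Constructed message body for the demonstration, not a real email.
SAMPLE_HTML = (
    '<p>Dear Student,</p>'
    '<a href="https://weber-accounts.com/login">Click here to verify your account</a> '
    '<a href="https://www.weber.edu/help">IT Service Desk</a>'
)

if __name__ == "__main__":
    for sender in ("helpdesk@weber.com", "it@weber-accounts.com", "desk@weber.edu"):
        print(sender, "->", classify_sender(sender))
    print(suspicious_links(SAMPLE_HTML))
```

A generic misspelling such as @univeristy.edu shares nothing with the official domain, so this check reports it only as external; the other red flags in the list still apply to such a message.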

What to Do If You Receive a Phishing Attempt

If you suspect that you’ve received a phishing email or message, it’s important to take the right steps to protect your account. Here's what to do:

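1. Don't respond or click any links. If you think an email is a phishing attempt, don't engage with it. Avoid replying to the email, clicking any links, or downloading any attachments. Attackers often use these tactics to obtain your personal information or install malware on your device.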

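2. Verify the source. If the email appears to come from a university department, contact that department directly using the contact information on the official university website (not the contact details in the email). Similarly, if the message looks like it's from an external service provider (like a bank or email provider), go directly to their website and log in to verify if there is any action required.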

3. Report the phishing attempt. Click the 3 dots in the upper-right corner of the email. Then click "report phishing", which will notify Google of the email and prevent these types of emails in the future.

4. Delete the message. Once you've reported the phishing attempt, delete the message from your inbox and your deleted items folder to prevent accidental interaction with it later.

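5. Change your passwords. If you accidentally clicked a phishing link and entered sensitive information such as a password or personal identification number, change your password immediately. Update your university login credentials as well as any related accounts (e.g., email, banking, social media). Never divulge your Duo (MFA) pin number or accept a push when you didn't initiate it in Duo.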

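6. Run a security scan. Phishing emails may contain malware or viruses that can infect your device. Run an antivirus or security scan to make sure no malware has been installed on your system. You should contact the IT Service Desk or your CTC for help.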

Conclusion

Phishing is a persistent threat in today's digital world, and Weber State is also often targeted due to the large number of users and the valuable information it holds. By staying vigilant and learning to recognize the signs of a phishing attempt, students, faculty, and staff can protect their personal and academic information from malicious actors. If you receive a suspicious message, always verify the sender's identity, avoid clicking links, and report the attempt. Taking these simple precautions can help protect your accounts and Weber State University from cybercriminals. Visit weber.edu/iso/phishing.html to learn more.

IT Service Desk

801-626-7777

[email protected]

weber.edu/help

Lampros Hall, 110


About the Author

Kyle Peterson
IT Learning & Development Specialist
