How to Avoid Phishing

Computer with Caution TapeWhat is Phishing

Phishing is an email scam designed to steal your account or personal information. Successful phishing attempts are designed to look like they come from a knowledgeable source, like "ROANOKE Help desk"  These emails usually contain: 

  • attachments
  • download links to malicious software
  • requests to login to steal your username and password
  • requests to send personal information

What should I know?

Legitimate organizations do not request sensitive information by email. You should never send over email the following information:

  • Username and password
  • Personal information such as age, social security number, or home address.
  • Information of a financial nature
  • Software downloads

If you receive a suspicious email:

  • Do not reply
  • Do not open any attachments
  • Do not click on any links
  • Contact Roanoke College Helpdesk at helpdesk@roanoke.edu or 540-375-2225

Why my email account?

Your .edu email address and password are alluring to criminals for many reasons. With your login credentials they can:

  • Receive student discounts for software and products reserved for the academic community (such as Amazon Prime Student Membership)
  • Glean more sensitive personal data about you, your intellectual property/research, banking & credit card information, medical information, social media, etc. (You're especially vulnerable if you use the same password across several sites.)
  • Tap into Roanoke College resources for ill-gain
  • File fraudulent income tax returns to receive refunds to their bank account

How to recognize a phishing email

  • Threats and Urgency – Phishers like to use scare tactics, and may threaten to disable an account or delay services until you update certain information. Most phishing campaigns include a call to action. If the content places any kind of urgency as far as “you must click into your account now”, it is potentially a scam.
  • Too generic – Watch out for generic-looking requests for information. Fake emails are often not personalized.
  • Bad grammar – The people behind these attacks don't usually have good grammar and spelling. Many of the emails been translated from foreign languages. Also look for the use of numbers and other characters as substitutes for letters, this is a common tactic meant to evade spam filters.
  • Links in email – If you see a link in a suspicious email message, don’t click on it. Instead, hover your mouse over the link (without actually clicking on the link) to show what real address is.
  • Email body as an image –Sometimes the spammers and phishers send one large image instead of typing out text, avoid these emails.

What is Safe?

Roanoke College websites, always contain roanoke.edu and always, will have SSL Security, a (Green Lock Icon in the web browser). Only ever log into a site if it matches these rules. Microsoft Office 365, will login you in from office.com, but be sure to always start from a Roanoke College website, or go directly to mymail.roanoke.edu 

if you aren't sure, ask. We are here to help.