October is Cyber Security Month! This week’s topic is phishing.

Phishing is the practice of cybercriminals posing as a trusted individual or institution and attempting to elicit private information. This is usually done through some form of social engineering where the attacker will try to trick the victim into downloading malware, clicking a link to a dummy webpage where they will enter their password, or (most commonly) by simply replying to the email with pertinent information. 

Phishing attacks have even made headlines recently, with Clinton campaign chairman John Podesta and Secretary of State Colin Powell both being tricked by phishing attempts, leading to the very public leak of their personal emails.

Use these key tips to determine if a message is a phishing attempt:

  • Stonehill will never ask you for your password in an email. Never send your password to anyone in an email, no matter what the email says.  If you’re unsure, contact the Service Desk.
  • Look for spelling errors. Professional companies or organizations usually have copy editors that will not allow a mass email with spelling errors to go out to its users. If you notice many simple mistakes in an email, it might be a scam.
  • If you see a link in a suspicious email message, don't click on it. Hover your mouse cursor over the link to see if the address matches the link that was typed in the message. If the address isn’t something you recognize or looks suspicious, don’t click it, and contact the Service Desk.

If you have any questions or need assistance, please contact the IT Service Desk at 508-565-4357 or via e-mail at service-desk@stonehill.edu