October is Cybersecurity Month! And this week’s topic is about one of the greatest threats to cybersecurity: phishing.

Phishing is the practice of cybercriminals posing as a trusted individual or institution and attempting to gather private information. Usually the attacker tries to trick the victim into providing a username and password or downloading malware.

Use these simple tips to determine if a message is a phishing attempt: 

  • Check the sender’s address carefully.  Phishing emails will often claim to be from someone you know but will actually be from someone else.  If the "From” name and the corresponding "From” email address don’t match, it’s indicative of a phishing attempt.
  • Give emails marked with [EXT] in the subject a second look. These emails are sent from those external to Stonehill. If an email claims to be from a Stonehill sender, yet also carries the [EXT] tag, you can safely assume it is a phishing attempt.
  • Never send your password to anyone in an email. No one at Stonehill, nor any company you do business with, will ever ask you for your password in an email. 
  • If you see a link in a suspicious email message, don't click on it.  Safe Links, the new feature recently activated in Office365, provides some protection against malicious links by warning you not to follow them.  Contact the Service Desk if you’re not sure what to do.  

If you have any questions or need assistance, please contact the IT Service Desk at 508-565-1111 or via e-mail at service-desk@stonehill.edu