On Phishing

Phishing is a form of email fraud. It is a malicious attempt to trick a recipient into providing credentials like their Lafayette NetID and password. Though there may be some overlap, phish and spam are different. Spam is unsolicited marketing email and does not attempt to collect your personal information.

Phishers try to look like an entity you trust to make you disclose your private information. Messages called phish appear to come from a reputable source such as the Lafayette Help Desk, a trusted online service, or a credit card company.

Phish might have Subjects like “Lafayette email update” or “Email account termination” and instruct you to click on a link and “login and update your account.” A message might look legitimate, but those who are clued-in will notice misspellings, bad grammar, or a From address that differs from an official contact email.

What to Do

Be discriminating. Look for the clues detailed above to spot forms of fraudulent email.

Block and Delete the message. If you receive a message that looks fraudulent, block future emails from the sender and delete the suspicious message. A legitimate message won’t prompt you for sensitive information. Information Technology Services and the Lafayette Help Desk will never ask you for your password.  StaySafeOnline.org provides guidance and how to block email senders.  In any instance where you’re unsure if a message is a phish, contact the ITS Help Desk at help@lafayette.edu or (610) 330-5501 for guidance.

Educate yourself. Use the resources below to keep your digital identity safe.

If you suspect that you provided your NetID and password in response to a phish, change your password and immediately contact the Help Desk at help@lafayette.edu or (610) 330-5501. After changing your password, be sure to update it on any mobile device configured to access your Lafayette email or calendar. If you are unable to reset your password, contact the Help Desk.

Other Forms of Email Fraud

Spear phishing is email spoofing that targets a specific individual or organization in order to gain access to systems like email. Messages might be personalized, look authentic, and appear to come from a Lafayette email address. Pay particular attention to emails that appear to come from Lafayette College Webmail Services, ITS Help-Desk, Help Desk Support, or System Administrator. These messages may include an official Lafayette logo and include instructions to click on a link.

Ransomware attacks also impersonate a trusted sender, but involve an attacker requesting a recipient download an attached file. The file contains ransomware, a type of malware that encrypts files on a computer or shared drive and literally holds data hostage. A warning that files are encrypted may appear. A victim cannot decrypt the files unless they pay a monetary ransom.

  • If you cannot open files and suspect ransomware, do not pay the ransom. Immediately contact the Help Desk at help@lafayette.edu or (610) 330-5501.

Wire fraud is another type of targeted phishing that tries to trick an employee into providing payment for an invoice. The phish might state the invoice is past due and a late fee is pending. The message appears to be from someone with whom the employee has an established business relationship.

  • If you receive an email asking for payment of an invoice, check your records and communicate directly with your contact at the entity requesting payment.


Tagged in: