Guides in this section

Tips for Identifying Spam/Phishing Emails

If you believe your information has been compromised, please call the ITS Helpdesk at (630) 844-5790. 

Spam and phishing emails are becoming more prevalent than ever. Here are a few things to look out for and a few tips on how to spot these emails.

  1. Always double-check the email address of the sender.
    • Often, spam senders will have a contact name that appears legitimate but will have an odd-looking email address. 
    • Even if the email is legitimate, the account could have been compromised. If this is the case, and the email seems suspicious, contact the user to verify.
  2. Always be wary of emails asking you to confirm your account credentials.
    • Phishing attempts normally ask users to confirm their account credentials or have a button or link that brings them to a login prompt that appears to be normal. Always double-check the URL of the site you are brought to if you click one of these links. Often times, they appear a bit off.
    • Hovering over the link/button lets you see along the bottom corner of your browser where the link is going even before you click it. 
  3. If you're not expecting an email from a student or colleague and it appears a bit suspicious, find their contact information outside of the email and call them to confirm. Don't always trust a phone number listed in an email.
  4. Look for spelling/grammatical errors in the message.
  5. Never provide personal information over email, especially passwords.
  6. If you are familiar with the sender, but they don't seem to be familiar with you or their email doesn't look how you would expect, they might be an imposter.
    • Pay attention to how they greet you, phrase their sentences, and sign their email. Does everything look normal?
  7. Though a bit rarer now, be on the lookout for suspicious files sent. Never open any document you were not expecting without confirming it is legitimate.
  •  

If you believe you have received a spam/phishing email, report it using the Phish Alert plugin in Outlook. To learn more about how to use this feature, refer to the Reporting Phishing and SPAM emails guide.