Protect yourself from phishing and other fraud

Protect yourself from phishing and other fraud

Phishing is a type of cyber attack perpetrated by hackers through email. Phishing scams use emails that attempt to threaten or trick you into doing something—usually, the goal is to get the victim to reveal a password or other personal information or to download malware. Phishers may even attempt to steal your credit card and bank account numbers or your birthdate and Social Security number.

Phishing email scams work by trying to shock, threaten, or trick you into responding without thinking. Watch out for phrases like these:

All these phishing scams ask you to "verify" or "confirm" personal information by replying with the requested information or by going to a fake website that resembles a reputable one. For example, a phisher might create a fake Gmail, Facebook, or University Web page to trick people into "logging in" with their real username and password.

Providing personal information in a reply email or through a fake website puts your accounts—and even your identity—at risk. Hackers could use your account to steal money or place orders, and they could use your personal information to commit identity theft.

Some guidelines to remember:

Tips for avoiding phishing scams

  • Don't believe everything you read. Phishers use urgency and scare tactics to trick people into thinking their messages are real.
  • Check links carefully. Hover your mouse over the link and check for misspellings or suspicious destinations.
  • Don't open unexpected attachments. Phishers use infected attachments to run scripts, compromise your system, and steal your data.
  • Never give up personal information. Legitimate organizations will never ask you to provide your personal information in a reply to an email.
  • Go to the source. Verify the legitimacy of a message by contacting the alleged sender directly through a separate channel (such as over the phone or in person). If you're directed to a website to do something, make sure you're going to an official website.
  • Check Secure UD Threat Alerts. The University posts alerts about phishing scams that are known to target members of the University community. If you receive a phishing scam that isn't listed on this blog, forward it to

Your responsibilities as a student

As a student at the University, you're responsible for protecting yourself, your information, and your devices as well as the University's IT resources as you use them.

  1. Use IT resources appropriately
  2. Take responsibility for your device's activity
  3. Protect and clean your computer
  4. Use strong and unique passwords
  5. Protect yourself from phishing and other fraud
  6. Understand copyright laws and file sharing
  7. Protect your online reputation
  8. Understand the consequences for violating the rules