Can You Spot a Phishing Scam?

PHISHING ALERT: A new scam disguised as a Tufts Newsletter is trying to trick you to get your data. Remember to “think before you click”!

Phishing emails can come in many forms but generally seem to come from a trusted source but trick you into taking a risky action (i.e., sending money) or giving up private information (i.e., your account login, credit card info).

Tufts recently put in place an [External] Email tag on messages coming outside of the Tufts network as a warning that you should think before you click. Do you recognize the sender and were you expecting an email from this person? Not sure, then check twice and don’t click.

The [External] tag, 2-factor authentication (2FA), and other sophisticated security measures that have been put in place at Tufts will flag these messages, but it is ultimately YOU who will be the best defense against getting phished!

Do you know how to spot a Phishing Scam? 

A few ways to recognize a phish:

• Includes an urgent call to action or threat
• Is from a first time or infrequent sender 
• Includes obvious spelling errors and bad grammar 
• Starts with a generic greeting 
• Email and domain name don’t match (i.e., says it’s from Tufts but email is Gmail.com)
• Includes suspicious links or unexpected attachments 

Want to be sure you can identify spam and phishing emails before your data is compromised? Take this brief online Udemy workshop, “Easily Identify Spam and Phishing Emails”. [Note: Tufts offers members of the University access to Udemy for FREE at tufts.udemy.com; login using your Tufts credentials and SSO – single sign on.]

And finally, if you believe you received a phishing message or fell victim to one of these scams, please report it to it@tufts.edu.