Phishing and Other Email Scams

Phishing is a fraudulent attempt by cybercriminals to obtain sensitive information—such as usernames, passwords, and financial details—by disguising themselves as a trustworthy entity in electronic communications.

The Golden Rule of Verification

University IT and administration will never ask you to provide your password, multi-factor authentication (MFA) codes, or social security number via email. If an email creates a sense of extreme urgency or threatens account closure, treat it as high-risk.

Standard Security Practices

To keep your account secure, always follow these active defense protocols:

  • Use the Report Phish button in Outlook for suspicious mail.
  • Check the "From" address by hovering over the sender's name.
  • Manually type URLs into your browser instead of clicking links.
  • Verify unusual requests via a known phone number or Chat.

Common Phishing Red Flags

The following elements are hallmarks of a phishing attempt:

  • Urgent Language: "Act now or your account will be deleted."
  • Generic Greetings: "Dear Valued Customer" or "User."
  • Poor Grammar: Unusual spelling or awkward phrasing.

Visual Logic: Reporting vs. Forwarding

When you report a phishing attempt, the security team needs the technical metadata (headers) found in the original message. A standard "Forward" strips this data away, making investigation impossible.

The "Report Phish" Button

Status: ACTIVE_DEFENSE

Why use it: This is the fastest method. It automatically sends the full technical headers to the security team and trains the university's spam filters to block the sender for everyone else.

Forward as Attachment

Status: MANUAL_ESCALATION

Why use it: If the button is unavailable, you must "Forward as Attachment." This wraps the original email in a new one, preserving the IP addresses and routing info the security team needs to trace the source.

Why "Metadata" Matters for Protection

Phishing emails are more than just text; they contain invisible routing information called Headers. Our security systems use these headers to:

  • Identify the specific server used by the hacker (IP Address).
  • Confirm if the email actually originated from the claimed sender (SPF/DKIM checks).
  • Blacklist malicious domains university-wide within minutes.

By using the Report Phish button or Forwarding as an Attachment, you are providing the "fingerprints" necessary to stop the attack before it reaches your colleagues.
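The difference between the two reporting paths can be shown with Python's standard email library. This is an added example, not the university's tooling; the sample message, hosts, addresses and the security mailbox in it are constructed, and the function names are hypothetical.

```python
from email import message_from_string, policy
from email.message import EmailMessage

# Constructed sample phish: hosts, addresses and IPs are documentation values.
ORIGINAL = """\
Received: from mail.example.net (mail.example.net [203.0.113.45])
\tby mx.university.example; Mon, 01 Jan 2024 10:00:00 +0000
Authentication-Results: mx.university.example; spf=fail
\tsmtp.mailfrom=example.net; dkim=none
From: "IT Help Desk" <helpdesk@example.net>
To: user@university.example
Subject: Act now or your account will be deleted

Verify your password here.
"""
SECURITY = "security@university.example"  # assumed mailbox for this example

def _new_report(reporter):
    report = EmailMessage()
    report["From"], report["To"] = reporter, SECURITY
    report["Subject"] = "FW: suspicious email"
    return report

def forward_as_attachment(original_text, reporter):
    """Wrap the untouched original as a message/rfc822 attachment."""
    report = _new_report(reporter)
    report.set_content("Please review the attached message.")
    report.add_attachment(message_from_string(original_text, policy=policy.default))
    return report.as_string()

def standard_forward(original_text, reporter):
    """Copy only what a mail client quotes inline: sender, subject, body text."""
    orig = message_from_string(original_text, policy=policy.default)
    report = _new_report(reporter)
    report.set_content(f"---- Forwarded message ----\nFrom: {orig['From']}\n"
                       f"Subject: {orig['Subject']}\n\n{orig.get_content()}")
    return report.as_string()

def extract_evidence(report_text):
    """Return the embedded original's routing/auth headers, or None if lost."""
    report = message_from_string(report_text, policy=policy.default)
    for part in report.walk():
        if part.get_content_type() == "message/rfc822":
            inner = part.get_payload(0)  # the original message, headers intact
            return {"reported_by": str(report["From"]),
                    "claimed_sender": str(inner["From"]),
                    "received": [str(h) for h in inner.get_all("Received", [])],
                    "auth_results": str(inner.get("Authentication-Results", ""))}
    return None  # standard forward: only the reporter's own headers remain
```

Running `extract_evidence` on the attachment-style report returns the original Received and Authentication-Results headers, while the standard forward returns `None` because only the reporter's headers exist.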

Critical Warning: Standard Forwarding

Never use a standard "Forward" (the "Forward" button) to report phishing. Doing so creates a new email where YOU appear as the sender, and the original hacker's technical data is deleted. This prevents the security team from taking action against the source.

Immediate Action Steps

  1. Do Not Click: If you suspect an email is fake, do not click any links or download attachments.
  2. Use the "Report Phish" Tool: Located in your Outlook toolbar. This is the primary method for all university accounts.
  3. Manual Forward (Only if necessary): If the tool is missing, create a new email to security@northcentral.edu and drag-and-drop the suspicious email into the body to send it as an attachment.
  4. Contact IT: If you interacted with a link or provided any information, call the IT Service Desk immediately to reset your credentials and secure your account.