You are here
Learn to Spot a Phishing Scam
What is phishing?
Phishing uses fake emails or websites to collect usernames and passwords as well as bank account numbers, social security numbers, and other personal information. These emails and websites may look real, but they are actually designed to fool you into divulging information.
Learn more about phishing emails and how to report them.
How to spot a phishing scam
You can identify a phishing scam by looking for email messages that:
- Create a sense of urgency
- Invoke strong emotions, like greed or fear
- Request sensitive data
- Contain links that do not appear to match legitimate resources for the organization that is contacting you
Always remember that legitimate companies and organizations will never ask for passwords, social security numbers, and other sensitive data via email.
Phishing email examples:
*************************************************** Subject: Confirm Your E-mail Address Dear Webmail Account Owner This message is from web mail admin messaging center to all web mail account owners. We are currently upgrading our data base and e-mail account center. We are canceling unused web mail email account to create more space for new accounts. To prevent your account from closing you will have to update it below to know it's status as a currently used account. CONFIRM YOUR EMAIL IDENTITY BELOW Email Username : Email Password : Date of Birth : Warning!!! Any account owner that refuses to update his/her account within Three days of this update notification will loose his/her account permanently. Thank you for using this web mail Support Team ***************************************************
Here are some more examples of phishing scams that have been received by the Pitt community. You can review these examples to familiarize yourself with various phishing messages. You can always view the latest phishing alerts on our Alerts and Notifications page.
- Fake Job Opportunity (Personal Assistant)
- DocuSign Review Request
- LastPass Password Update
- Quarantined Messages Notice
- Outlook Webmail Update
- Password Expiration Scam from Pitt Address
- Overdue Invoice
- Library Account Expiration Notice
- Unusual Sign-in Attempt
- DHL Letter Pick-Up
- Mailbox Almost Full
Avoid phishing and protect others
Email and Phishing Training CourseLearn how to protect yourself from phishing scams, how phishing attacks work, and how to recognize and respond to one—take the Pitt IT Email and Phishing interactive mini-course. |
Follow the steps in the Safe Computing for Students and Safe Computing for Faculty and Staff sections to learn more about protecting yourself from phishing scams.
To report a phishing scam, forward the phishing email as an attachment to phish@pitt.edu. When you report them to our security team, we will examine the email and, if necessary, advise you of any further steps you may need to take.