Learn to Spot a Phishing Scam | Information Technology | University of Pittsburgh
!

You are here

Learn to Spot a Phishing Scam

What is phishing?

Phishing uses fake emails or websites to collect usernames and passwords as well as bank account numbers, social security numbers, and other personal information. These emails and websites may look real, but they are actually designed to fool you into divulging information.

Learn more about phishing emails and how to report them.

How to spot a phishing scam

You can identify a phishing scam by looking for email messages that:

  • Create a sense of urgency
  • Invoke strong emotions, like greed or fear
  • Request sensitive data
  • Contain links that do not appear to match legitimate resources for the organization that is contacting you

Always remember that legitimate companies and organizations will never ask for passwords, social security numbers, and other sensitive data via email.

Phishing email examples:

***************************************************

Subject: Confirm Your E-mail Address
Dear Webmail Account Owner

This message is from web mail admin messaging center to all web mail account owners. 

We are currently upgrading our data base and e-mail account center. We are canceling 
unused web mail email account to create more space for new accounts.

To prevent your account from closing you will have to update it below to know it's 
status as a currently used account.

CONFIRM YOUR EMAIL IDENTITY BELOW
Email Username :
Email Password :
Date of Birth :

Warning!!! Any account owner that refuses to update his/her account within Three days 
of this update notification will loose his/her account permanently.

Thank you for using this web mail

Support Team

***************************************************

Here are some more examples of phishing scams that have been received by the Pitt community. You can review these examples to familiarize yourself with various phishing messages. You can always view the latest phishing alerts on our Alerts and Notifications page.

Avoid phishing and protect others

Email and Phishing Training Course

Learn how to protect yourself from phishing scams, how phishing attacks work, and how to recognize and respond to one—take the Pitt IT Email and Phishing interactive mini-course.

Follow the steps in the Safe Computing for Students and Safe Computing for Faculty and Staff sections to learn more about protecting yourself from phishing scams.

To report a phishing scam, forward the phishing email as an attachment to phish@pitt.edu. When you report them to our security team, we will examine the email and, if necessary, advise you of any further steps you may need to take.