Phishing Emails

Texas Southmost College’s IT Security team works to protect the college and its computing users from both internal and external threats. The Office of Information technology would like to remind you to always be vigilant of “phishing†attacks that use emails to solicit personal or confidential information.

Here are some clues to recognize phishing emails.

Always check the sender’s address. If an email is not from a address, but claims to be from TSC, it is probably not legitimate. Also, be aware that phishers may forge the sender’s address to make it look as though it came from TSC, even when it didn’t.

Watch where you are going. If an email directs you to a website, check the link before clicking it. Did you know that you can look at the address of a link in your email before you click on it? Most email programs will display the address if you hover your mouse over the link. One strategy is not to click on email links at all and instead go to the site directly. An example would be a message from your bank asking you to go to its website. Rather than clicking the link provided in the email, just type the bank’s address into your browser manually. Note that phishers often make fake websites that look like the real thing. Always check the address bar of your browser to make sure you are visiting the site you think you are visiting.

Never enter your user ID or password unless you have initiated the action. Entering your user ID or password to log on to a legitimate system is fine. However, you should never enter your credentials if requested in an email.

Remember: No TSC employee, even from IT, should ask you for your login credentials. If an email asks you for this information, delete it!

If you think your TSC user ID and/or password have been compromised, change your password immediately.

Report any phishing messages you receive in your TSC email account to [email protected].

Additional Resources