Phishing Emails: How to Avoid the Attack

Computer hackers are getting really crafty with their scams. They use very convincing emails to fish for our personal data.

Chances are, you’ve seen email scams in your inbox, especially recently. They say your account is compromised or deactivated and prompt you to login to fix it or respond to the email with your username and password. But when you do, that’s when the real problems start.

Below is information on phishing emails to avoid being a victim of the attack and what you should do if you fell for a scam.


Commons Characteristics of a Phishing Email!

  • Generic Greetings
    • Because they are sent in bulk to many recipients, scam emails use generic greetings such as “Dear account holder” or “Dear [targeted institution] user”. The Office of Information Technology (OIT) will never ask for your password unless you contact us first via the phone.
  • Use various ruses to entice recipients to click
    • Phishing scam emails use a variety of ruses to explain why it is necessary for recipients to provide the requested information. Often, the messages imply that urgent action on the part of the recipient is required. You will often see a link that will say “Click here”. Usually the link will look suspicious and have nothing to do with the university.
  • Unidentified Sender
    • Phishing emails will normally come from a unknown sender. Always check who is sending the email. Emails from the OIT will always come from

Here is an example of a phishing email:

Screen Shot 2014-03-17 at 12.22.38 PM


What to do if you Receive a Suspected Phishing Scam?

  • DO NOT click on any links in the scam email.
  • DO NOT supply any personal information of any kind.
  • DO NOT reply to the email or attempt to contact the sender.
  • DO NOT open any attachments that arrive with the email.
  • REPORT the phishing scam to
  • DELETE the email from your inbox as soon as possible.


What to do if you Have Already Been Tricked into Submitted Information?

If you have already submitted information to scammers as a result of a phishing scam, you need to contact Helpdesk at or 336-841-4357. It is imperative that you act quickly to protect the account that has been compromised in the phishing attack.


Post by Kaitlyn Reish, Training Specialist at HPU.

Click Here to return to blog homepage.