Agriculture Communication

Accessibility


| Share

Phishing: Don’t Get Hooked

NDSU Phishing logo The NDSU IT Division is launching an anti-phishing program that will empower students, faculty and staff to protect themselves against phishing scams. We are on the workgroup that is called Phishing Education and Awareness Training Simulation (PEATS).

What is phishing?

Phishing scams are cyber criminal attempts to steal personal and financial information or infect computers and other devices with malware and viruses. Phishing emails can appear to be from a legitimate organization, urging you to act quickly to avoid negative consequences. They try to entice you to open malicious attachments or click on links to fraudulent websites used to collect sensitive information like usernames and passwords.

Recent phishing emails spotted at NDSU

These have been reported to Ag Comm technicians Jerry, Blair and Jon:

  • You get an email with an attached invoice you weren’t expecting from someone or a company you don’t recognize. The email urges you to click on the attached invoice before a certain date to avoid a late fee.
  • You get an email from someone claiming to be from the NDSU Help Desk urging you to click on a link to resolve an email inbox issue such as storage exceeded or your password must be changed.

How does phishing affect me?

Hundreds of NDSU students, faculty and staff members have been hooked by email phishing scams since the start of the semester, potentially exposing their confidential information to cyber criminals.  

What’s being done to decrease phishing?

The PEATS group is working on an educational program where we’re sending out simulated phishing emails to specific departments on campus to help people identify and avoid phishing scams.

Over the next couple weeks, a number of simulated phishing emails will be sent to students, faculty and staff.

While these messages are intended to look like real phishing messages, they will not cause harm, collect personal information or result in any penalty or punitive action. However, you if you do click on a link in a phishing email, you will be redirected to an educational website.

What to do or NOT to do

If you receive a suspicious email, do not reply, click on any links or open any attachments. Instead, you should:

  • Forward it directly to ndsu.reportaphish@ndsu.edu, which keeps intact important information that may help IT staff identify the source of the scam. Then delete the message.
  • Forward it to the NDSU IT Help Desk, ndsu.helpdesk@ndsu.edu, and ask them to confirm whether or not the suspicious message is a phishing scam.

Did you take bait?

If you think you may have responded to a phishing message or clicked on any links within a suspicious message, please immediately contact the NDSU IT Help Desk at 701-231-8685 or ndsu.helpdesk@ndsu.edu.

If you have any questions about phishing, please contact us.

Jerry Ranum, IT Systems Specialist, 701-231-6395
Sonja Fuchs, Web Technology Specialist, 701-231-6403 

Creative Commons License
Feel free to use and share this content, but please do so under the conditions of our Creative Commons license and our Rules for Use. Thanks.