Cyber Security

Cyber Security Tip of the Month

Phishing

Criminals are out to steal your credentials and install malware to compromise Lethbridge College systems. Phishing attacks use 'spoofed' emails that appear to be from a legitimate sender. The email usually contains a link to a website, and asks you to verify your account information or supply personal identity data. While the link appears to go to a legitimate site, it really sends you to a forged website that looks like the real thing. If you log into the site, your credentials will be collected by the criminal.

Many phishing attempts lead you to believe that it is urgent that you should respond immediately with the requested information or something bad will happen, such as closing your bank account. No legitimate company should ever request login information or request that you "verify" your account via email.

What can I do to prevent being a victim of a phishing attack?

  • Don’t read unsolicited email: This sounds strange but it really means don’t open mail from unknown senders. If you are unsure, save the message as an attachment and email the sender directly to see if they really sent you the message.
  • Do not click links or open attachments from unknown or unexpected senders. Once again, if you are unsure you can email the sender directly. (Not clicking reply but composing a new email message.)
  • Do not enter credentials in web forms. This is a common tactic in phishing emails.